1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * CDDL HEADER START 3*7c478bd9Sstevel@tonic-gate * 4*7c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*7c478bd9Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 6*7c478bd9Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 7*7c478bd9Sstevel@tonic-gate * with the License. 8*7c478bd9Sstevel@tonic-gate * 9*7c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*7c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 11*7c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 12*7c478bd9Sstevel@tonic-gate * and limitations under the License. 13*7c478bd9Sstevel@tonic-gate * 14*7c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 15*7c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*7c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 17*7c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 18*7c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 19*7c478bd9Sstevel@tonic-gate * 20*7c478bd9Sstevel@tonic-gate * CDDL HEADER END 21*7c478bd9Sstevel@tonic-gate */ 22*7c478bd9Sstevel@tonic-gate /* 23*7c478bd9Sstevel@tonic-gate * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24*7c478bd9Sstevel@tonic-gate * Use is subject to license terms. 25*7c478bd9Sstevel@tonic-gate */ 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 28*7c478bd9Sstevel@tonic-gate 29*7c478bd9Sstevel@tonic-gate /* 30*7c478bd9Sstevel@tonic-gate * auditconfig - set and display audit parameters 31*7c478bd9Sstevel@tonic-gate */ 32*7c478bd9Sstevel@tonic-gate 33*7c478bd9Sstevel@tonic-gate #include <locale.h> 34*7c478bd9Sstevel@tonic-gate #include <sys/types.h> 35*7c478bd9Sstevel@tonic-gate #include <ctype.h> 36*7c478bd9Sstevel@tonic-gate #include <stdlib.h> 37*7c478bd9Sstevel@tonic-gate #include <stdarg.h> 38*7c478bd9Sstevel@tonic-gate #include <unistd.h> 39*7c478bd9Sstevel@tonic-gate #include <errno.h> 40*7c478bd9Sstevel@tonic-gate #include <sys/param.h> 41*7c478bd9Sstevel@tonic-gate #include <stdio.h> 42*7c478bd9Sstevel@tonic-gate #include <string.h> 43*7c478bd9Sstevel@tonic-gate #include <strings.h> 44*7c478bd9Sstevel@tonic-gate #include <nlist.h> 45*7c478bd9Sstevel@tonic-gate #include <fcntl.h> 46*7c478bd9Sstevel@tonic-gate #include <sys/socket.h> 47*7c478bd9Sstevel@tonic-gate #include <netdb.h> 48*7c478bd9Sstevel@tonic-gate #include <netinet/in.h> 49*7c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 50*7c478bd9Sstevel@tonic-gate #include <sys/mkdev.h> 51*7c478bd9Sstevel@tonic-gate #include <sys/param.h> 52*7c478bd9Sstevel@tonic-gate #include <pwd.h> 53*7c478bd9Sstevel@tonic-gate #include <libintl.h> 54*7c478bd9Sstevel@tonic-gate #include <zone.h> 55*7c478bd9Sstevel@tonic-gate 56*7c478bd9Sstevel@tonic-gate #include <bsm/audit.h> 57*7c478bd9Sstevel@tonic-gate #include <bsm/audit_record.h> 58*7c478bd9Sstevel@tonic-gate #include <bsm/libbsm.h> 59*7c478bd9Sstevel@tonic-gate 60*7c478bd9Sstevel@tonic-gate #if !defined(TEXT_DOMAIN) 61*7c478bd9Sstevel@tonic-gate #define TEXT_DOMAIN "SUNW_OST_OSCMD" 62*7c478bd9Sstevel@tonic-gate #endif 63*7c478bd9Sstevel@tonic-gate 64*7c478bd9Sstevel@tonic-gate #define AC_ARG_AUDIT 0 65*7c478bd9Sstevel@tonic-gate #define AC_ARG_CHKCONF 1 66*7c478bd9Sstevel@tonic-gate #define AC_ARG_CONF 2 67*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETASID 3 /* same as GETSID */ 68*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETAUDIT 4 69*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETAUID 5 70*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETCAR 6 71*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETCLASS 7 /* same as GETESTATE */ 72*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETCOND 8 73*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETCWD 9 74*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETESTATE 10 75*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETKERNSTATE 11 76*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETKMASK 12 /* same as GETKERNSTATE */ 77*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETPINFO 13 78*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETPOLICY 14 79*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETQBUFSZ 15 80*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETQCTRL 16 81*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETQDELAY 17 82*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETQHIWATER 18 83*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETQLOWATER 19 84*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETSID 20 85*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETSTAT 21 86*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETTERMID 22 87*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETUSERAUDIT 23 /* only CMW syscall w/out */ 88*7c478bd9Sstevel@tonic-gate #define AC_ARG_LSEVENT 24 89*7c478bd9Sstevel@tonic-gate #define AC_ARG_LSPOLICY 25 90*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETASID 26 91*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETAUDIT 27 92*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETAUID 28 93*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETCLASS 29 /* same as SETESTATE */ 94*7c478bd9Sstevel@tonic-gate /* AC_ARG_SETCOND 30 */ 95*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETESTATE 31 96*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETKERNSTATE 32 97*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETKMASK 33 /* same as SETKERNSTATE */ 98*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETPMASK 34 99*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETSMASK 35 100*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETSTAT 36 101*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETPOLICY 37 102*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETQBUFSZ 38 103*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETQCTRL 39 104*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETQDELAY 40 105*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETQHIWATER 41 106*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETQLOWATER 42 107*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETTERMID 43 108*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETUMASK 44 109*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETUSERAUDIT 45 110*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETFSIZE 46 111*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETFSIZE 47 112*7c478bd9Sstevel@tonic-gate #define AC_ARG_GETKAUDIT 48 113*7c478bd9Sstevel@tonic-gate #define AC_ARG_SETKAUDIT 49 114*7c478bd9Sstevel@tonic-gate #define AC_ARG_ACONF 50 115*7c478bd9Sstevel@tonic-gate #define AC_ARG_CHKACONF 51 116*7c478bd9Sstevel@tonic-gate 117*7c478bd9Sstevel@tonic-gate #define AC_KERN_EVENT 0 118*7c478bd9Sstevel@tonic-gate #define AC_USER_EVENT 1 119*7c478bd9Sstevel@tonic-gate 120*7c478bd9Sstevel@tonic-gate #define NONE(s) (!strlen(s) ? gettext("none") : s) 121*7c478bd9Sstevel@tonic-gate 122*7c478bd9Sstevel@tonic-gate #define ALL_POLICIES (AUDIT_AHLT|\ 123*7c478bd9Sstevel@tonic-gate AUDIT_ARGE|\ 124*7c478bd9Sstevel@tonic-gate AUDIT_ARGV|\ 125*7c478bd9Sstevel@tonic-gate AUDIT_CNT|\ 126*7c478bd9Sstevel@tonic-gate AUDIT_GROUP|\ 127*7c478bd9Sstevel@tonic-gate AUDIT_PASSWD|\ 128*7c478bd9Sstevel@tonic-gate AUDIT_WINDATA|\ 129*7c478bd9Sstevel@tonic-gate AUDIT_SEQ|\ 130*7c478bd9Sstevel@tonic-gate AUDIT_TRAIL|\ 131*7c478bd9Sstevel@tonic-gate AUDIT_PATH|\ 132*7c478bd9Sstevel@tonic-gate AUDIT_PUBLIC|\ 133*7c478bd9Sstevel@tonic-gate AUDIT_ZONENAME|\ 134*7c478bd9Sstevel@tonic-gate AUDIT_PERZONE) 135*7c478bd9Sstevel@tonic-gate 136*7c478bd9Sstevel@tonic-gate #define NO_POLICIES (0) 137*7c478bd9Sstevel@tonic-gate 138*7c478bd9Sstevel@tonic-gate #define ONEK 1024 139*7c478bd9Sstevel@tonic-gate 140*7c478bd9Sstevel@tonic-gate /* This should be defined in <string.h>, but it is not */ 141*7c478bd9Sstevel@tonic-gate extern int strncasecmp(); 142*7c478bd9Sstevel@tonic-gate 143*7c478bd9Sstevel@tonic-gate /* 144*7c478bd9Sstevel@tonic-gate * remove this after the audit.h is fixed 145*7c478bd9Sstevel@tonic-gate */ 146*7c478bd9Sstevel@tonic-gate 147*7c478bd9Sstevel@tonic-gate struct arg_entry { 148*7c478bd9Sstevel@tonic-gate char *arg_str; 149*7c478bd9Sstevel@tonic-gate char *arg_opts; 150*7c478bd9Sstevel@tonic-gate int auditconfig_cmd; 151*7c478bd9Sstevel@tonic-gate }; 152*7c478bd9Sstevel@tonic-gate 153*7c478bd9Sstevel@tonic-gate struct policy_entry { 154*7c478bd9Sstevel@tonic-gate char *policy_str; 155*7c478bd9Sstevel@tonic-gate uint_t policy_mask; 156*7c478bd9Sstevel@tonic-gate char *policy_desc; 157*7c478bd9Sstevel@tonic-gate }; 158*7c478bd9Sstevel@tonic-gate 159*7c478bd9Sstevel@tonic-gate static struct arg_entry arg_table[] = { 160*7c478bd9Sstevel@tonic-gate { "-aconf", "", AC_ARG_ACONF}, 161*7c478bd9Sstevel@tonic-gate { "-audit", "event sorf retval string", AC_ARG_AUDIT}, 162*7c478bd9Sstevel@tonic-gate { "-chkaconf", "", AC_ARG_CHKACONF}, 163*7c478bd9Sstevel@tonic-gate { "-chkconf", "", AC_ARG_CHKCONF}, 164*7c478bd9Sstevel@tonic-gate { "-conf", "", AC_ARG_CONF}, 165*7c478bd9Sstevel@tonic-gate { "-getasid", "", AC_ARG_GETASID}, 166*7c478bd9Sstevel@tonic-gate { "-getaudit", "", AC_ARG_GETAUDIT}, 167*7c478bd9Sstevel@tonic-gate { "-getauid", "", AC_ARG_GETAUID}, 168*7c478bd9Sstevel@tonic-gate { "-getcar", "", AC_ARG_GETCAR}, 169*7c478bd9Sstevel@tonic-gate { "-getclass", "", AC_ARG_GETCLASS}, 170*7c478bd9Sstevel@tonic-gate { "-getcond", "", AC_ARG_GETCOND}, 171*7c478bd9Sstevel@tonic-gate { "-getcwd", "", AC_ARG_GETCWD}, 172*7c478bd9Sstevel@tonic-gate { "-getestate", "event", AC_ARG_GETESTATE}, 173*7c478bd9Sstevel@tonic-gate { "-getfsize", "", AC_ARG_GETFSIZE}, 174*7c478bd9Sstevel@tonic-gate { "-getkaudit", "", AC_ARG_GETKAUDIT}, 175*7c478bd9Sstevel@tonic-gate { "-getkernstate", "", AC_ARG_GETKERNSTATE}, 176*7c478bd9Sstevel@tonic-gate { "-getkmask", "", AC_ARG_GETKMASK}, 177*7c478bd9Sstevel@tonic-gate { "-getpinfo", "", AC_ARG_GETPINFO}, 178*7c478bd9Sstevel@tonic-gate { "-getpolicy", "", AC_ARG_GETPOLICY}, 179*7c478bd9Sstevel@tonic-gate { "-getqbufsz", "", AC_ARG_GETQBUFSZ}, 180*7c478bd9Sstevel@tonic-gate { "-getqctrl", "", AC_ARG_GETQCTRL}, 181*7c478bd9Sstevel@tonic-gate { "-getqdelay", "", AC_ARG_GETQDELAY}, 182*7c478bd9Sstevel@tonic-gate { "-getqhiwater", "", AC_ARG_GETQHIWATER}, 183*7c478bd9Sstevel@tonic-gate { "-getqlowater", "", AC_ARG_GETQLOWATER}, 184*7c478bd9Sstevel@tonic-gate { "-getsid", "", AC_ARG_GETSID}, 185*7c478bd9Sstevel@tonic-gate { "-getstat", "", AC_ARG_GETSTAT}, 186*7c478bd9Sstevel@tonic-gate { "-gettermid", "", AC_ARG_GETTERMID}, 187*7c478bd9Sstevel@tonic-gate { "-gettid", "", AC_ARG_GETTERMID}, 188*7c478bd9Sstevel@tonic-gate { "-getuseraudit", "user", AC_ARG_GETUSERAUDIT}, 189*7c478bd9Sstevel@tonic-gate { "-lsevent", "", AC_ARG_LSEVENT}, 190*7c478bd9Sstevel@tonic-gate { "-lspolicy", "", AC_ARG_LSPOLICY}, 191*7c478bd9Sstevel@tonic-gate { "-setasid", "asid [cmd]", AC_ARG_SETASID}, 192*7c478bd9Sstevel@tonic-gate { "-setaudit", "auid audit_flags termid sid [cmd]", 193*7c478bd9Sstevel@tonic-gate AC_ARG_SETAUDIT}, 194*7c478bd9Sstevel@tonic-gate { "-setauid", "auid [cmd]", AC_ARG_SETAUID}, 195*7c478bd9Sstevel@tonic-gate { "-setclass", "event audit_flags", AC_ARG_SETCLASS}, 196*7c478bd9Sstevel@tonic-gate { "-setestate", "event audit_flags", AC_ARG_SETESTATE}, 197*7c478bd9Sstevel@tonic-gate { "-setfsize", "filesize", AC_ARG_SETFSIZE}, 198*7c478bd9Sstevel@tonic-gate { "-setkaudit", "type IP_address", AC_ARG_SETKAUDIT}, 199*7c478bd9Sstevel@tonic-gate { "-setkernstate", "audit_flags", AC_ARG_SETKERNSTATE}, 200*7c478bd9Sstevel@tonic-gate { "-setkmask", "audit_flags", AC_ARG_SETKMASK}, 201*7c478bd9Sstevel@tonic-gate { "-setpmask", "pid audit_flags [cmd]", AC_ARG_SETPMASK}, 202*7c478bd9Sstevel@tonic-gate { "-setpolicy", "policy_flags", AC_ARG_SETPOLICY}, 203*7c478bd9Sstevel@tonic-gate { "-setqbufsz", "bufsz", AC_ARG_SETQBUFSZ}, 204*7c478bd9Sstevel@tonic-gate { "-setqctrl", "hiwater lowater bufsz delay", AC_ARG_SETQCTRL}, 205*7c478bd9Sstevel@tonic-gate { "-setqdelay", "delay", AC_ARG_SETQDELAY}, 206*7c478bd9Sstevel@tonic-gate { "-setqhiwater", "hiwater", AC_ARG_SETQHIWATER}, 207*7c478bd9Sstevel@tonic-gate { "-setqlowater", "lowater", AC_ARG_SETQLOWATER}, 208*7c478bd9Sstevel@tonic-gate { "-setsmask", "asid audit_flags", AC_ARG_SETSMASK}, 209*7c478bd9Sstevel@tonic-gate { "-setstat", "", AC_ARG_SETSTAT}, 210*7c478bd9Sstevel@tonic-gate { "-settid", "tid [cmd]", AC_ARG_SETTERMID}, 211*7c478bd9Sstevel@tonic-gate { "-setumask", "user audit_flags", AC_ARG_SETUMASK}, 212*7c478bd9Sstevel@tonic-gate { "-setuseraudit", "user audit_flags", AC_ARG_SETUSERAUDIT} 213*7c478bd9Sstevel@tonic-gate }; 214*7c478bd9Sstevel@tonic-gate 215*7c478bd9Sstevel@tonic-gate #define ARG_TBL_SZ (sizeof (arg_table) / sizeof (struct arg_entry)) 216*7c478bd9Sstevel@tonic-gate 217*7c478bd9Sstevel@tonic-gate static struct arg_entry arg2_table[] = { 218*7c478bd9Sstevel@tonic-gate { "-chkconf", "", AC_ARG_CHKCONF}, 219*7c478bd9Sstevel@tonic-gate { "-conf", "", AC_ARG_CONF}, 220*7c478bd9Sstevel@tonic-gate { "-getcond", "", AC_ARG_GETCOND}, 221*7c478bd9Sstevel@tonic-gate { "-getclass", "event", AC_ARG_GETCLASS}, 222*7c478bd9Sstevel@tonic-gate { "-setclass", "event audit_flags", AC_ARG_SETCLASS}, 223*7c478bd9Sstevel@tonic-gate { "-lsevent", "", AC_ARG_LSEVENT}, 224*7c478bd9Sstevel@tonic-gate { "-lspolicy", "", AC_ARG_LSPOLICY}, 225*7c478bd9Sstevel@tonic-gate { "-getpolicy", "", AC_ARG_GETPOLICY}, 226*7c478bd9Sstevel@tonic-gate { "-setpolicy", "policy_flags", AC_ARG_SETPOLICY}, 227*7c478bd9Sstevel@tonic-gate { "-getstat", "", AC_ARG_GETSTAT}, 228*7c478bd9Sstevel@tonic-gate { "-getpinfo", "pid", AC_ARG_GETPINFO}, 229*7c478bd9Sstevel@tonic-gate { "-setpmask", "pid audit_flags", AC_ARG_SETPMASK}, 230*7c478bd9Sstevel@tonic-gate { "-setsmask", "asid audit_flags", AC_ARG_SETSMASK}, 231*7c478bd9Sstevel@tonic-gate { "-setumask", "user audit_flags", AC_ARG_SETUMASK}, 232*7c478bd9Sstevel@tonic-gate { "-getfsize", "", AC_ARG_GETFSIZE}, 233*7c478bd9Sstevel@tonic-gate { "-setfsize", "filesize", AC_ARG_SETFSIZE} 234*7c478bd9Sstevel@tonic-gate }; 235*7c478bd9Sstevel@tonic-gate 236*7c478bd9Sstevel@tonic-gate #define ARG2_TBL_SZ (sizeof (arg2_table) / sizeof (struct arg_entry)) 237*7c478bd9Sstevel@tonic-gate 238*7c478bd9Sstevel@tonic-gate static struct policy_entry policy_table[] = { 239*7c478bd9Sstevel@tonic-gate {"ahlt", AUDIT_AHLT, "halt machine if it can not record an " 240*7c478bd9Sstevel@tonic-gate "async event"}, 241*7c478bd9Sstevel@tonic-gate {"arge", AUDIT_ARGE, "include exec environment args in audit recs"}, 242*7c478bd9Sstevel@tonic-gate {"argv", AUDIT_ARGV, "include exec command line args in audit recs"}, 243*7c478bd9Sstevel@tonic-gate {"cnt", AUDIT_CNT, "when no more space, drop recs and keep a cnt"}, 244*7c478bd9Sstevel@tonic-gate {"group", AUDIT_GROUP, "include supplementary groups in audit recs"}, 245*7c478bd9Sstevel@tonic-gate {"seq", AUDIT_SEQ, "include a sequence number in audit recs"}, 246*7c478bd9Sstevel@tonic-gate {"trail", AUDIT_TRAIL, "include trailer token in audit recs"}, 247*7c478bd9Sstevel@tonic-gate {"path", AUDIT_PATH, "allow multiple paths per event"}, 248*7c478bd9Sstevel@tonic-gate {"public", AUDIT_PUBLIC, "audit public files"}, 249*7c478bd9Sstevel@tonic-gate {"zonename", AUDIT_ZONENAME, "generate zonename token"}, 250*7c478bd9Sstevel@tonic-gate {"perzone", AUDIT_PERZONE, "use a separate queue and auditd per " 251*7c478bd9Sstevel@tonic-gate "zone"}, 252*7c478bd9Sstevel@tonic-gate {"all", ALL_POLICIES, "all policies"}, 253*7c478bd9Sstevel@tonic-gate {"none", NO_POLICIES, "no policies"} 254*7c478bd9Sstevel@tonic-gate }; 255*7c478bd9Sstevel@tonic-gate 256*7c478bd9Sstevel@tonic-gate #define POLICY_TBL_SZ (sizeof (policy_table) / sizeof (struct policy_entry)) 257*7c478bd9Sstevel@tonic-gate 258*7c478bd9Sstevel@tonic-gate static char *progname; 259*7c478bd9Sstevel@tonic-gate 260*7c478bd9Sstevel@tonic-gate static au_event_ent_t *egetauevnam(); 261*7c478bd9Sstevel@tonic-gate static au_event_ent_t *egetauevnum(); 262*7c478bd9Sstevel@tonic-gate static char *strtolower(); 263*7c478bd9Sstevel@tonic-gate static int arg_ent_compare(); 264*7c478bd9Sstevel@tonic-gate static int cond2str(); 265*7c478bd9Sstevel@tonic-gate static int policy2str(); 266*7c478bd9Sstevel@tonic-gate static int str2type(); 267*7c478bd9Sstevel@tonic-gate static int str2policy(); 268*7c478bd9Sstevel@tonic-gate static int str2ipaddr(); 269*7c478bd9Sstevel@tonic-gate static int strisflags(); 270*7c478bd9Sstevel@tonic-gate static int strisipaddr(); 271*7c478bd9Sstevel@tonic-gate static int strisnum(); 272*7c478bd9Sstevel@tonic-gate static struct arg_entry *get_arg_ent(); 273*7c478bd9Sstevel@tonic-gate static struct policy_entry *get_policy_ent(); 274*7c478bd9Sstevel@tonic-gate static uid_t get_user_id(); 275*7c478bd9Sstevel@tonic-gate static void chk_event_num(); 276*7c478bd9Sstevel@tonic-gate static void chk_event_str(); 277*7c478bd9Sstevel@tonic-gate static void chk_retval(); 278*7c478bd9Sstevel@tonic-gate static void chk_sorf(); 279*7c478bd9Sstevel@tonic-gate static void chk_tid(); 280*7c478bd9Sstevel@tonic-gate static void do_aconf(); 281*7c478bd9Sstevel@tonic-gate static void do_args(); 282*7c478bd9Sstevel@tonic-gate static void do_audit(); 283*7c478bd9Sstevel@tonic-gate static void do_chkaconf(); 284*7c478bd9Sstevel@tonic-gate static void do_chkconf(); 285*7c478bd9Sstevel@tonic-gate static void do_conf(); 286*7c478bd9Sstevel@tonic-gate static void do_getasid(); 287*7c478bd9Sstevel@tonic-gate static void do_getaudit(); 288*7c478bd9Sstevel@tonic-gate static void do_getkaudit(); 289*7c478bd9Sstevel@tonic-gate static void do_setkaudit(); 290*7c478bd9Sstevel@tonic-gate static void do_getauid(); 291*7c478bd9Sstevel@tonic-gate static void do_getcar(); 292*7c478bd9Sstevel@tonic-gate static void do_getclass(); 293*7c478bd9Sstevel@tonic-gate static void do_getcond(); 294*7c478bd9Sstevel@tonic-gate static void do_getcwd(); 295*7c478bd9Sstevel@tonic-gate static void do_getkmask(); 296*7c478bd9Sstevel@tonic-gate static void do_getpinfo(); 297*7c478bd9Sstevel@tonic-gate static void do_getpolicy(); 298*7c478bd9Sstevel@tonic-gate static void do_getqbufsz(); 299*7c478bd9Sstevel@tonic-gate static void do_getqctrl(); 300*7c478bd9Sstevel@tonic-gate static void do_getqdelay(); 301*7c478bd9Sstevel@tonic-gate static void do_getqhiwater(); 302*7c478bd9Sstevel@tonic-gate static void do_getqlowater(); 303*7c478bd9Sstevel@tonic-gate static void do_getstat(); 304*7c478bd9Sstevel@tonic-gate static void do_gettermid(); 305*7c478bd9Sstevel@tonic-gate static void do_getuseraudit(); 306*7c478bd9Sstevel@tonic-gate static void do_lsevent(); 307*7c478bd9Sstevel@tonic-gate static void do_lspolicy(); 308*7c478bd9Sstevel@tonic-gate static void do_setasid(); 309*7c478bd9Sstevel@tonic-gate static void do_setaudit(); 310*7c478bd9Sstevel@tonic-gate static void do_setauid(); 311*7c478bd9Sstevel@tonic-gate static void do_setclass(); 312*7c478bd9Sstevel@tonic-gate static void do_setkmask(); 313*7c478bd9Sstevel@tonic-gate static void do_setpmask(); 314*7c478bd9Sstevel@tonic-gate static void do_setsmask(); 315*7c478bd9Sstevel@tonic-gate static void do_setumask(); 316*7c478bd9Sstevel@tonic-gate static void do_setpolicy(); 317*7c478bd9Sstevel@tonic-gate static void do_setqbufsz(); 318*7c478bd9Sstevel@tonic-gate static void do_setqctrl(); 319*7c478bd9Sstevel@tonic-gate static void do_setqdelay(); 320*7c478bd9Sstevel@tonic-gate static void do_setqhiwater(); 321*7c478bd9Sstevel@tonic-gate static void do_setqlowater(); 322*7c478bd9Sstevel@tonic-gate static void do_setstat(); 323*7c478bd9Sstevel@tonic-gate static void do_settid(); 324*7c478bd9Sstevel@tonic-gate static void do_setuseraudit(); 325*7c478bd9Sstevel@tonic-gate static void do_getfsize(); 326*7c478bd9Sstevel@tonic-gate static void do_setfsize(); 327*7c478bd9Sstevel@tonic-gate static void str2mask(); 328*7c478bd9Sstevel@tonic-gate static void str2tid(); 329*7c478bd9Sstevel@tonic-gate static void strsplit(); 330*7c478bd9Sstevel@tonic-gate 331*7c478bd9Sstevel@tonic-gate static void eauditon(); 332*7c478bd9Sstevel@tonic-gate static void egetaudit(); 333*7c478bd9Sstevel@tonic-gate static void egetkaudit(); 334*7c478bd9Sstevel@tonic-gate static void esetkaudit(); 335*7c478bd9Sstevel@tonic-gate static void egetauditflagsbin(); 336*7c478bd9Sstevel@tonic-gate static void egetauid(); 337*7c478bd9Sstevel@tonic-gate static void esetaudit(); 338*7c478bd9Sstevel@tonic-gate static void esetauid(); 339*7c478bd9Sstevel@tonic-gate static void execit(); 340*7c478bd9Sstevel@tonic-gate static void exit_error(char *, ...); 341*7c478bd9Sstevel@tonic-gate static void exit_usage(); 342*7c478bd9Sstevel@tonic-gate static void parse_args(); 343*7c478bd9Sstevel@tonic-gate static void print_asid(); 344*7c478bd9Sstevel@tonic-gate static void print_auid(); 345*7c478bd9Sstevel@tonic-gate static void print_mask(); 346*7c478bd9Sstevel@tonic-gate static void print_mask1(); 347*7c478bd9Sstevel@tonic-gate static void print_stats(); 348*7c478bd9Sstevel@tonic-gate static void print_tid_ex(); 349*7c478bd9Sstevel@tonic-gate 350*7c478bd9Sstevel@tonic-gate extern char *sys_errlist[]; 351*7c478bd9Sstevel@tonic-gate 352*7c478bd9Sstevel@tonic-gate int 353*7c478bd9Sstevel@tonic-gate main(argc, argv) 354*7c478bd9Sstevel@tonic-gate int argc; 355*7c478bd9Sstevel@tonic-gate char **argv; 356*7c478bd9Sstevel@tonic-gate { 357*7c478bd9Sstevel@tonic-gate progname = "auditconfig"; 358*7c478bd9Sstevel@tonic-gate 359*7c478bd9Sstevel@tonic-gate (void) setlocale(LC_ALL, ""); 360*7c478bd9Sstevel@tonic-gate (void) textdomain(TEXT_DOMAIN); 361*7c478bd9Sstevel@tonic-gate 362*7c478bd9Sstevel@tonic-gate if (argc == 1) { 363*7c478bd9Sstevel@tonic-gate exit_usage(0); 364*7c478bd9Sstevel@tonic-gate exit(0); 365*7c478bd9Sstevel@tonic-gate } 366*7c478bd9Sstevel@tonic-gate 367*7c478bd9Sstevel@tonic-gate if (argc == 2 && 368*7c478bd9Sstevel@tonic-gate (argv[1][0] == '?' || 369*7c478bd9Sstevel@tonic-gate strcmp(argv[1], "-h") == 0 || 370*7c478bd9Sstevel@tonic-gate strcmp(argv[1], "-?") == 0)) 371*7c478bd9Sstevel@tonic-gate exit_usage(0); 372*7c478bd9Sstevel@tonic-gate 373*7c478bd9Sstevel@tonic-gate parse_args(argv); 374*7c478bd9Sstevel@tonic-gate 375*7c478bd9Sstevel@tonic-gate do_args(argv); 376*7c478bd9Sstevel@tonic-gate 377*7c478bd9Sstevel@tonic-gate return (0); 378*7c478bd9Sstevel@tonic-gate } 379*7c478bd9Sstevel@tonic-gate 380*7c478bd9Sstevel@tonic-gate /* 381*7c478bd9Sstevel@tonic-gate * parse_args() 382*7c478bd9Sstevel@tonic-gate * Desc: Checks command line argument syntax. 383*7c478bd9Sstevel@tonic-gate * Inputs: Command line argv; 384*7c478bd9Sstevel@tonic-gate * Returns: If a syntax error is detected, a usage message is printed 385*7c478bd9Sstevel@tonic-gate * and exit() is called. If a syntax error is not detected, 386*7c478bd9Sstevel@tonic-gate * parse_args() returns without a value. 387*7c478bd9Sstevel@tonic-gate */ 388*7c478bd9Sstevel@tonic-gate static void 389*7c478bd9Sstevel@tonic-gate parse_args(char **argv) 390*7c478bd9Sstevel@tonic-gate { 391*7c478bd9Sstevel@tonic-gate struct arg_entry *ae; 392*7c478bd9Sstevel@tonic-gate 393*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 394*7c478bd9Sstevel@tonic-gate au_mask_t smask; 395*7c478bd9Sstevel@tonic-gate au_mask_t umask; 396*7c478bd9Sstevel@tonic-gate uint_t type; 397*7c478bd9Sstevel@tonic-gate uint_t addr[4]; 398*7c478bd9Sstevel@tonic-gate 399*7c478bd9Sstevel@tonic-gate for (++argv; *argv; argv++) { 400*7c478bd9Sstevel@tonic-gate if ((ae = get_arg_ent(*argv)) == (struct arg_entry *)0) { 401*7c478bd9Sstevel@tonic-gate exit_usage(1); 402*7c478bd9Sstevel@tonic-gate } 403*7c478bd9Sstevel@tonic-gate 404*7c478bd9Sstevel@tonic-gate switch (ae->auditconfig_cmd) { 405*7c478bd9Sstevel@tonic-gate 406*7c478bd9Sstevel@tonic-gate case AC_ARG_AUDIT: 407*7c478bd9Sstevel@tonic-gate ++argv; 408*7c478bd9Sstevel@tonic-gate if (!*argv) 409*7c478bd9Sstevel@tonic-gate exit_usage(1); 410*7c478bd9Sstevel@tonic-gate if (strisnum(*argv)) { 411*7c478bd9Sstevel@tonic-gate chk_event_num(AC_USER_EVENT, 412*7c478bd9Sstevel@tonic-gate (au_event_t)atol(*argv)); 413*7c478bd9Sstevel@tonic-gate } else 414*7c478bd9Sstevel@tonic-gate chk_event_str(AC_USER_EVENT, *argv); 415*7c478bd9Sstevel@tonic-gate ++argv; 416*7c478bd9Sstevel@tonic-gate if (!*argv) 417*7c478bd9Sstevel@tonic-gate exit_usage(1); 418*7c478bd9Sstevel@tonic-gate chk_sorf(*argv); 419*7c478bd9Sstevel@tonic-gate ++argv; 420*7c478bd9Sstevel@tonic-gate if (!*argv) 421*7c478bd9Sstevel@tonic-gate exit_usage(1); 422*7c478bd9Sstevel@tonic-gate chk_retval(*argv); 423*7c478bd9Sstevel@tonic-gate ++argv; 424*7c478bd9Sstevel@tonic-gate if (!*argv) 425*7c478bd9Sstevel@tonic-gate exit_usage(1); 426*7c478bd9Sstevel@tonic-gate break; 427*7c478bd9Sstevel@tonic-gate 428*7c478bd9Sstevel@tonic-gate case AC_ARG_CHKCONF: 429*7c478bd9Sstevel@tonic-gate break; 430*7c478bd9Sstevel@tonic-gate 431*7c478bd9Sstevel@tonic-gate case AC_ARG_CONF: 432*7c478bd9Sstevel@tonic-gate break; 433*7c478bd9Sstevel@tonic-gate 434*7c478bd9Sstevel@tonic-gate case AC_ARG_ACONF: 435*7c478bd9Sstevel@tonic-gate break; 436*7c478bd9Sstevel@tonic-gate 437*7c478bd9Sstevel@tonic-gate case AC_ARG_CHKACONF: 438*7c478bd9Sstevel@tonic-gate break; 439*7c478bd9Sstevel@tonic-gate 440*7c478bd9Sstevel@tonic-gate case AC_ARG_GETASID: 441*7c478bd9Sstevel@tonic-gate case AC_ARG_GETSID: 442*7c478bd9Sstevel@tonic-gate break; 443*7c478bd9Sstevel@tonic-gate 444*7c478bd9Sstevel@tonic-gate case AC_ARG_GETAUID: 445*7c478bd9Sstevel@tonic-gate break; 446*7c478bd9Sstevel@tonic-gate 447*7c478bd9Sstevel@tonic-gate case AC_ARG_GETAUDIT: 448*7c478bd9Sstevel@tonic-gate break; 449*7c478bd9Sstevel@tonic-gate 450*7c478bd9Sstevel@tonic-gate case AC_ARG_GETKAUDIT: 451*7c478bd9Sstevel@tonic-gate break; 452*7c478bd9Sstevel@tonic-gate 453*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCLASS: 454*7c478bd9Sstevel@tonic-gate case AC_ARG_GETESTATE: 455*7c478bd9Sstevel@tonic-gate ++argv; 456*7c478bd9Sstevel@tonic-gate if (!*argv) 457*7c478bd9Sstevel@tonic-gate exit_usage(1); 458*7c478bd9Sstevel@tonic-gate if (strisnum(*argv)) 459*7c478bd9Sstevel@tonic-gate chk_event_num(AC_KERN_EVENT, 460*7c478bd9Sstevel@tonic-gate (au_event_t)atol(*argv)); 461*7c478bd9Sstevel@tonic-gate else 462*7c478bd9Sstevel@tonic-gate chk_event_str(AC_KERN_EVENT, *argv); 463*7c478bd9Sstevel@tonic-gate break; 464*7c478bd9Sstevel@tonic-gate 465*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCAR: 466*7c478bd9Sstevel@tonic-gate break; 467*7c478bd9Sstevel@tonic-gate 468*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCOND: 469*7c478bd9Sstevel@tonic-gate break; 470*7c478bd9Sstevel@tonic-gate 471*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCWD: 472*7c478bd9Sstevel@tonic-gate break; 473*7c478bd9Sstevel@tonic-gate 474*7c478bd9Sstevel@tonic-gate case AC_ARG_GETKERNSTATE: 475*7c478bd9Sstevel@tonic-gate case AC_ARG_GETKMASK: 476*7c478bd9Sstevel@tonic-gate break; 477*7c478bd9Sstevel@tonic-gate 478*7c478bd9Sstevel@tonic-gate case AC_ARG_GETPOLICY: 479*7c478bd9Sstevel@tonic-gate break; 480*7c478bd9Sstevel@tonic-gate 481*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQBUFSZ: 482*7c478bd9Sstevel@tonic-gate break; 483*7c478bd9Sstevel@tonic-gate 484*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQCTRL: 485*7c478bd9Sstevel@tonic-gate break; 486*7c478bd9Sstevel@tonic-gate 487*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQDELAY: 488*7c478bd9Sstevel@tonic-gate break; 489*7c478bd9Sstevel@tonic-gate 490*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQHIWATER: 491*7c478bd9Sstevel@tonic-gate break; 492*7c478bd9Sstevel@tonic-gate 493*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQLOWATER: 494*7c478bd9Sstevel@tonic-gate break; 495*7c478bd9Sstevel@tonic-gate 496*7c478bd9Sstevel@tonic-gate case AC_ARG_GETSTAT: 497*7c478bd9Sstevel@tonic-gate break; 498*7c478bd9Sstevel@tonic-gate 499*7c478bd9Sstevel@tonic-gate case AC_ARG_GETTERMID: 500*7c478bd9Sstevel@tonic-gate break; 501*7c478bd9Sstevel@tonic-gate 502*7c478bd9Sstevel@tonic-gate case AC_ARG_GETUSERAUDIT: 503*7c478bd9Sstevel@tonic-gate ++argv; 504*7c478bd9Sstevel@tonic-gate if (!*argv) 505*7c478bd9Sstevel@tonic-gate exit_usage(1); 506*7c478bd9Sstevel@tonic-gate break; 507*7c478bd9Sstevel@tonic-gate 508*7c478bd9Sstevel@tonic-gate case AC_ARG_LSEVENT: 509*7c478bd9Sstevel@tonic-gate break; 510*7c478bd9Sstevel@tonic-gate 511*7c478bd9Sstevel@tonic-gate case AC_ARG_LSPOLICY: 512*7c478bd9Sstevel@tonic-gate break; 513*7c478bd9Sstevel@tonic-gate 514*7c478bd9Sstevel@tonic-gate case AC_ARG_SETASID: 515*7c478bd9Sstevel@tonic-gate ++argv; 516*7c478bd9Sstevel@tonic-gate if (!*argv) 517*7c478bd9Sstevel@tonic-gate exit_usage(1); 518*7c478bd9Sstevel@tonic-gate 519*7c478bd9Sstevel@tonic-gate while (*argv) 520*7c478bd9Sstevel@tonic-gate ++argv; 521*7c478bd9Sstevel@tonic-gate --argv; 522*7c478bd9Sstevel@tonic-gate 523*7c478bd9Sstevel@tonic-gate break; 524*7c478bd9Sstevel@tonic-gate 525*7c478bd9Sstevel@tonic-gate case AC_ARG_SETAUID: 526*7c478bd9Sstevel@tonic-gate ++argv; 527*7c478bd9Sstevel@tonic-gate if (!*argv) 528*7c478bd9Sstevel@tonic-gate exit_usage(1); 529*7c478bd9Sstevel@tonic-gate 530*7c478bd9Sstevel@tonic-gate while (*argv) 531*7c478bd9Sstevel@tonic-gate ++argv; 532*7c478bd9Sstevel@tonic-gate --argv; 533*7c478bd9Sstevel@tonic-gate 534*7c478bd9Sstevel@tonic-gate break; 535*7c478bd9Sstevel@tonic-gate 536*7c478bd9Sstevel@tonic-gate case AC_ARG_SETAUDIT: 537*7c478bd9Sstevel@tonic-gate ++argv; 538*7c478bd9Sstevel@tonic-gate if (!*argv) 539*7c478bd9Sstevel@tonic-gate exit_usage(1); 540*7c478bd9Sstevel@tonic-gate 541*7c478bd9Sstevel@tonic-gate while (*argv) 542*7c478bd9Sstevel@tonic-gate ++argv; 543*7c478bd9Sstevel@tonic-gate --argv; 544*7c478bd9Sstevel@tonic-gate 545*7c478bd9Sstevel@tonic-gate break; 546*7c478bd9Sstevel@tonic-gate 547*7c478bd9Sstevel@tonic-gate case AC_ARG_SETKAUDIT: 548*7c478bd9Sstevel@tonic-gate ++argv; 549*7c478bd9Sstevel@tonic-gate if (!*argv) 550*7c478bd9Sstevel@tonic-gate exit_usage(1); 551*7c478bd9Sstevel@tonic-gate if (str2type (*argv, &type)) 552*7c478bd9Sstevel@tonic-gate exit_error(gettext( 553*7c478bd9Sstevel@tonic-gate "Invalid IP address type specified.")); 554*7c478bd9Sstevel@tonic-gate ++argv; 555*7c478bd9Sstevel@tonic-gate if (!*argv) 556*7c478bd9Sstevel@tonic-gate exit_usage(1); 557*7c478bd9Sstevel@tonic-gate 558*7c478bd9Sstevel@tonic-gate if (str2ipaddr(*argv, addr, type)) 559*7c478bd9Sstevel@tonic-gate exit_error(gettext( 560*7c478bd9Sstevel@tonic-gate "Invalid IP address specified.")); 561*7c478bd9Sstevel@tonic-gate break; 562*7c478bd9Sstevel@tonic-gate 563*7c478bd9Sstevel@tonic-gate case AC_ARG_SETCLASS: 564*7c478bd9Sstevel@tonic-gate case AC_ARG_SETESTATE: 565*7c478bd9Sstevel@tonic-gate ++argv; 566*7c478bd9Sstevel@tonic-gate if (!*argv) 567*7c478bd9Sstevel@tonic-gate exit_usage(1); 568*7c478bd9Sstevel@tonic-gate if (strisnum(*argv)) 569*7c478bd9Sstevel@tonic-gate chk_event_num(AC_KERN_EVENT, 570*7c478bd9Sstevel@tonic-gate (au_event_t)atol(*argv)); 571*7c478bd9Sstevel@tonic-gate else 572*7c478bd9Sstevel@tonic-gate chk_event_str(AC_KERN_EVENT, *argv); 573*7c478bd9Sstevel@tonic-gate ++argv; 574*7c478bd9Sstevel@tonic-gate if (!*argv) 575*7c478bd9Sstevel@tonic-gate exit_usage(1); 576*7c478bd9Sstevel@tonic-gate str2mask(*argv, &pmask); 577*7c478bd9Sstevel@tonic-gate break; 578*7c478bd9Sstevel@tonic-gate 579*7c478bd9Sstevel@tonic-gate case AC_ARG_SETKERNSTATE: 580*7c478bd9Sstevel@tonic-gate case AC_ARG_SETKMASK: 581*7c478bd9Sstevel@tonic-gate ++argv; 582*7c478bd9Sstevel@tonic-gate if (!*argv) 583*7c478bd9Sstevel@tonic-gate exit_usage(1); 584*7c478bd9Sstevel@tonic-gate str2mask(*argv, &pmask); 585*7c478bd9Sstevel@tonic-gate break; 586*7c478bd9Sstevel@tonic-gate 587*7c478bd9Sstevel@tonic-gate case AC_ARG_SETPOLICY: 588*7c478bd9Sstevel@tonic-gate ++argv; 589*7c478bd9Sstevel@tonic-gate if (!*argv) 590*7c478bd9Sstevel@tonic-gate exit_usage(1); 591*7c478bd9Sstevel@tonic-gate break; 592*7c478bd9Sstevel@tonic-gate 593*7c478bd9Sstevel@tonic-gate case AC_ARG_SETSTAT: 594*7c478bd9Sstevel@tonic-gate break; 595*7c478bd9Sstevel@tonic-gate 596*7c478bd9Sstevel@tonic-gate case AC_ARG_GETPINFO: 597*7c478bd9Sstevel@tonic-gate ++argv; 598*7c478bd9Sstevel@tonic-gate if (!*argv) 599*7c478bd9Sstevel@tonic-gate exit_usage(1); 600*7c478bd9Sstevel@tonic-gate break; 601*7c478bd9Sstevel@tonic-gate 602*7c478bd9Sstevel@tonic-gate case AC_ARG_SETPMASK: 603*7c478bd9Sstevel@tonic-gate ++argv; 604*7c478bd9Sstevel@tonic-gate if (!*argv) 605*7c478bd9Sstevel@tonic-gate exit_usage(1); 606*7c478bd9Sstevel@tonic-gate ++argv; 607*7c478bd9Sstevel@tonic-gate if (!*argv) 608*7c478bd9Sstevel@tonic-gate exit_usage(1); 609*7c478bd9Sstevel@tonic-gate str2mask(*argv, &pmask); 610*7c478bd9Sstevel@tonic-gate break; 611*7c478bd9Sstevel@tonic-gate 612*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQBUFSZ: 613*7c478bd9Sstevel@tonic-gate ++argv; 614*7c478bd9Sstevel@tonic-gate if (!*argv) 615*7c478bd9Sstevel@tonic-gate exit_usage(1); 616*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 617*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid bufsz specified.")); 618*7c478bd9Sstevel@tonic-gate break; 619*7c478bd9Sstevel@tonic-gate 620*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQCTRL: 621*7c478bd9Sstevel@tonic-gate ++argv; 622*7c478bd9Sstevel@tonic-gate if (!*argv) 623*7c478bd9Sstevel@tonic-gate exit_usage(1); 624*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 625*7c478bd9Sstevel@tonic-gate exit_error(gettext( 626*7c478bd9Sstevel@tonic-gate "Invalid hiwater specified.")); 627*7c478bd9Sstevel@tonic-gate ++argv; 628*7c478bd9Sstevel@tonic-gate if (!*argv) 629*7c478bd9Sstevel@tonic-gate exit_usage(1); 630*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 631*7c478bd9Sstevel@tonic-gate exit_error(gettext( 632*7c478bd9Sstevel@tonic-gate gettext("Invalid lowater specified."))); 633*7c478bd9Sstevel@tonic-gate ++argv; 634*7c478bd9Sstevel@tonic-gate if (!*argv) 635*7c478bd9Sstevel@tonic-gate exit_usage(1); 636*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 637*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid bufsz specified.")); 638*7c478bd9Sstevel@tonic-gate ++argv; 639*7c478bd9Sstevel@tonic-gate if (!*argv) 640*7c478bd9Sstevel@tonic-gate exit_usage(1); 641*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 642*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid delay specified.")); 643*7c478bd9Sstevel@tonic-gate break; 644*7c478bd9Sstevel@tonic-gate 645*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQDELAY: 646*7c478bd9Sstevel@tonic-gate ++argv; 647*7c478bd9Sstevel@tonic-gate if (!*argv) 648*7c478bd9Sstevel@tonic-gate exit_usage(1); 649*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 650*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid delay specified.")); 651*7c478bd9Sstevel@tonic-gate break; 652*7c478bd9Sstevel@tonic-gate 653*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQHIWATER: 654*7c478bd9Sstevel@tonic-gate ++argv; 655*7c478bd9Sstevel@tonic-gate if (!*argv) 656*7c478bd9Sstevel@tonic-gate exit_usage(1); 657*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 658*7c478bd9Sstevel@tonic-gate exit_error(gettext( 659*7c478bd9Sstevel@tonic-gate "Invalid hiwater specified.")); 660*7c478bd9Sstevel@tonic-gate break; 661*7c478bd9Sstevel@tonic-gate 662*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQLOWATER: 663*7c478bd9Sstevel@tonic-gate ++argv; 664*7c478bd9Sstevel@tonic-gate if (!*argv) 665*7c478bd9Sstevel@tonic-gate exit_usage(1); 666*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 667*7c478bd9Sstevel@tonic-gate exit_error(gettext( 668*7c478bd9Sstevel@tonic-gate "Invalid lowater specified.")); 669*7c478bd9Sstevel@tonic-gate break; 670*7c478bd9Sstevel@tonic-gate 671*7c478bd9Sstevel@tonic-gate case AC_ARG_SETTERMID: 672*7c478bd9Sstevel@tonic-gate ++argv; 673*7c478bd9Sstevel@tonic-gate if (!*argv) 674*7c478bd9Sstevel@tonic-gate exit_usage(1); 675*7c478bd9Sstevel@tonic-gate chk_tid(*argv); 676*7c478bd9Sstevel@tonic-gate break; 677*7c478bd9Sstevel@tonic-gate 678*7c478bd9Sstevel@tonic-gate case AC_ARG_SETUSERAUDIT: 679*7c478bd9Sstevel@tonic-gate ++argv; 680*7c478bd9Sstevel@tonic-gate if (!*argv) 681*7c478bd9Sstevel@tonic-gate exit_usage(1); 682*7c478bd9Sstevel@tonic-gate ++argv; 683*7c478bd9Sstevel@tonic-gate if (!*argv) 684*7c478bd9Sstevel@tonic-gate exit_usage(1); 685*7c478bd9Sstevel@tonic-gate break; 686*7c478bd9Sstevel@tonic-gate case AC_ARG_SETSMASK: 687*7c478bd9Sstevel@tonic-gate ++argv; 688*7c478bd9Sstevel@tonic-gate if (!*argv) 689*7c478bd9Sstevel@tonic-gate exit_usage(1); 690*7c478bd9Sstevel@tonic-gate ++argv; 691*7c478bd9Sstevel@tonic-gate if (!*argv) 692*7c478bd9Sstevel@tonic-gate exit_usage(1); 693*7c478bd9Sstevel@tonic-gate str2mask(*argv, &smask); 694*7c478bd9Sstevel@tonic-gate break; 695*7c478bd9Sstevel@tonic-gate 696*7c478bd9Sstevel@tonic-gate case AC_ARG_SETUMASK: 697*7c478bd9Sstevel@tonic-gate ++argv; 698*7c478bd9Sstevel@tonic-gate if (!*argv) 699*7c478bd9Sstevel@tonic-gate exit_usage(1); 700*7c478bd9Sstevel@tonic-gate ++argv; 701*7c478bd9Sstevel@tonic-gate if (!*argv) 702*7c478bd9Sstevel@tonic-gate exit_usage(1); 703*7c478bd9Sstevel@tonic-gate str2mask(*argv, &umask); 704*7c478bd9Sstevel@tonic-gate break; 705*7c478bd9Sstevel@tonic-gate 706*7c478bd9Sstevel@tonic-gate case AC_ARG_GETFSIZE: 707*7c478bd9Sstevel@tonic-gate break; 708*7c478bd9Sstevel@tonic-gate 709*7c478bd9Sstevel@tonic-gate case AC_ARG_SETFSIZE: 710*7c478bd9Sstevel@tonic-gate ++argv; 711*7c478bd9Sstevel@tonic-gate if (!*argv) 712*7c478bd9Sstevel@tonic-gate exit_usage(1); 713*7c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 714*7c478bd9Sstevel@tonic-gate exit_error(gettext( 715*7c478bd9Sstevel@tonic-gate "Invalid hiwater specified.")); 716*7c478bd9Sstevel@tonic-gate break; 717*7c478bd9Sstevel@tonic-gate 718*7c478bd9Sstevel@tonic-gate default: 719*7c478bd9Sstevel@tonic-gate exit_error(gettext("Internal error #1.")); 720*7c478bd9Sstevel@tonic-gate break; 721*7c478bd9Sstevel@tonic-gate 722*7c478bd9Sstevel@tonic-gate 723*7c478bd9Sstevel@tonic-gate } 724*7c478bd9Sstevel@tonic-gate } 725*7c478bd9Sstevel@tonic-gate } 726*7c478bd9Sstevel@tonic-gate 727*7c478bd9Sstevel@tonic-gate 728*7c478bd9Sstevel@tonic-gate /* 729*7c478bd9Sstevel@tonic-gate * do_args() 730*7c478bd9Sstevel@tonic-gate * Desc: Do command line arguments in the order in which they appear. 731*7c478bd9Sstevel@tonic-gate */ 732*7c478bd9Sstevel@tonic-gate static void 733*7c478bd9Sstevel@tonic-gate do_args(argv) 734*7c478bd9Sstevel@tonic-gate char **argv; 735*7c478bd9Sstevel@tonic-gate { 736*7c478bd9Sstevel@tonic-gate struct arg_entry *ae; 737*7c478bd9Sstevel@tonic-gate 738*7c478bd9Sstevel@tonic-gate for (++argv; *argv; argv++) { 739*7c478bd9Sstevel@tonic-gate ae = get_arg_ent(*argv); 740*7c478bd9Sstevel@tonic-gate 741*7c478bd9Sstevel@tonic-gate switch (ae->auditconfig_cmd) { 742*7c478bd9Sstevel@tonic-gate 743*7c478bd9Sstevel@tonic-gate case AC_ARG_AUDIT: 744*7c478bd9Sstevel@tonic-gate { 745*7c478bd9Sstevel@tonic-gate char sorf; 746*7c478bd9Sstevel@tonic-gate int retval; 747*7c478bd9Sstevel@tonic-gate char *event_name; 748*7c478bd9Sstevel@tonic-gate char *audit_str; 749*7c478bd9Sstevel@tonic-gate 750*7c478bd9Sstevel@tonic-gate ++argv; 751*7c478bd9Sstevel@tonic-gate event_name = *argv; 752*7c478bd9Sstevel@tonic-gate ++argv; 753*7c478bd9Sstevel@tonic-gate sorf = (char)atoi(*argv); 754*7c478bd9Sstevel@tonic-gate ++argv; 755*7c478bd9Sstevel@tonic-gate retval = atoi(*argv); 756*7c478bd9Sstevel@tonic-gate ++argv; 757*7c478bd9Sstevel@tonic-gate audit_str = *argv; 758*7c478bd9Sstevel@tonic-gate do_audit(event_name, sorf, retval, audit_str); 759*7c478bd9Sstevel@tonic-gate } 760*7c478bd9Sstevel@tonic-gate break; 761*7c478bd9Sstevel@tonic-gate 762*7c478bd9Sstevel@tonic-gate case AC_ARG_CHKCONF: 763*7c478bd9Sstevel@tonic-gate do_chkconf(); 764*7c478bd9Sstevel@tonic-gate break; 765*7c478bd9Sstevel@tonic-gate 766*7c478bd9Sstevel@tonic-gate case AC_ARG_CONF: 767*7c478bd9Sstevel@tonic-gate do_conf(); 768*7c478bd9Sstevel@tonic-gate break; 769*7c478bd9Sstevel@tonic-gate 770*7c478bd9Sstevel@tonic-gate case AC_ARG_CHKACONF: 771*7c478bd9Sstevel@tonic-gate do_chkaconf(); 772*7c478bd9Sstevel@tonic-gate break; 773*7c478bd9Sstevel@tonic-gate 774*7c478bd9Sstevel@tonic-gate case AC_ARG_ACONF: 775*7c478bd9Sstevel@tonic-gate do_aconf(); 776*7c478bd9Sstevel@tonic-gate break; 777*7c478bd9Sstevel@tonic-gate 778*7c478bd9Sstevel@tonic-gate case AC_ARG_GETASID: 779*7c478bd9Sstevel@tonic-gate case AC_ARG_GETSID: 780*7c478bd9Sstevel@tonic-gate do_getasid(); 781*7c478bd9Sstevel@tonic-gate break; 782*7c478bd9Sstevel@tonic-gate 783*7c478bd9Sstevel@tonic-gate case AC_ARG_GETAUID: 784*7c478bd9Sstevel@tonic-gate do_getauid(); 785*7c478bd9Sstevel@tonic-gate break; 786*7c478bd9Sstevel@tonic-gate 787*7c478bd9Sstevel@tonic-gate case AC_ARG_GETAUDIT: 788*7c478bd9Sstevel@tonic-gate do_getaudit(); 789*7c478bd9Sstevel@tonic-gate break; 790*7c478bd9Sstevel@tonic-gate 791*7c478bd9Sstevel@tonic-gate case AC_ARG_GETKAUDIT: 792*7c478bd9Sstevel@tonic-gate do_getkaudit(); 793*7c478bd9Sstevel@tonic-gate break; 794*7c478bd9Sstevel@tonic-gate 795*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCLASS: 796*7c478bd9Sstevel@tonic-gate case AC_ARG_GETESTATE: 797*7c478bd9Sstevel@tonic-gate ++argv; 798*7c478bd9Sstevel@tonic-gate do_getclass(*argv); 799*7c478bd9Sstevel@tonic-gate break; 800*7c478bd9Sstevel@tonic-gate 801*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCAR: 802*7c478bd9Sstevel@tonic-gate do_getcar(); 803*7c478bd9Sstevel@tonic-gate break; 804*7c478bd9Sstevel@tonic-gate 805*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCOND: 806*7c478bd9Sstevel@tonic-gate do_getcond(); 807*7c478bd9Sstevel@tonic-gate break; 808*7c478bd9Sstevel@tonic-gate 809*7c478bd9Sstevel@tonic-gate case AC_ARG_GETCWD: 810*7c478bd9Sstevel@tonic-gate do_getcwd(); 811*7c478bd9Sstevel@tonic-gate break; 812*7c478bd9Sstevel@tonic-gate 813*7c478bd9Sstevel@tonic-gate case AC_ARG_GETKERNSTATE: 814*7c478bd9Sstevel@tonic-gate case AC_ARG_GETKMASK: 815*7c478bd9Sstevel@tonic-gate do_getkmask(); 816*7c478bd9Sstevel@tonic-gate break; 817*7c478bd9Sstevel@tonic-gate 818*7c478bd9Sstevel@tonic-gate case AC_ARG_GETPOLICY: 819*7c478bd9Sstevel@tonic-gate do_getpolicy(); 820*7c478bd9Sstevel@tonic-gate break; 821*7c478bd9Sstevel@tonic-gate 822*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQBUFSZ: 823*7c478bd9Sstevel@tonic-gate do_getqbufsz(); 824*7c478bd9Sstevel@tonic-gate break; 825*7c478bd9Sstevel@tonic-gate 826*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQCTRL: 827*7c478bd9Sstevel@tonic-gate do_getqctrl(); 828*7c478bd9Sstevel@tonic-gate break; 829*7c478bd9Sstevel@tonic-gate 830*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQDELAY: 831*7c478bd9Sstevel@tonic-gate do_getqdelay(); 832*7c478bd9Sstevel@tonic-gate break; 833*7c478bd9Sstevel@tonic-gate 834*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQHIWATER: 835*7c478bd9Sstevel@tonic-gate do_getqhiwater(); 836*7c478bd9Sstevel@tonic-gate break; 837*7c478bd9Sstevel@tonic-gate 838*7c478bd9Sstevel@tonic-gate case AC_ARG_GETQLOWATER: 839*7c478bd9Sstevel@tonic-gate do_getqlowater(); 840*7c478bd9Sstevel@tonic-gate break; 841*7c478bd9Sstevel@tonic-gate 842*7c478bd9Sstevel@tonic-gate case AC_ARG_GETSTAT: 843*7c478bd9Sstevel@tonic-gate do_getstat(); 844*7c478bd9Sstevel@tonic-gate break; 845*7c478bd9Sstevel@tonic-gate 846*7c478bd9Sstevel@tonic-gate case AC_ARG_GETTERMID: 847*7c478bd9Sstevel@tonic-gate do_gettermid(); 848*7c478bd9Sstevel@tonic-gate break; 849*7c478bd9Sstevel@tonic-gate 850*7c478bd9Sstevel@tonic-gate case AC_ARG_GETUSERAUDIT: 851*7c478bd9Sstevel@tonic-gate ++argv; 852*7c478bd9Sstevel@tonic-gate do_getuseraudit(*argv); 853*7c478bd9Sstevel@tonic-gate break; 854*7c478bd9Sstevel@tonic-gate 855*7c478bd9Sstevel@tonic-gate case AC_ARG_LSEVENT: 856*7c478bd9Sstevel@tonic-gate do_lsevent(); 857*7c478bd9Sstevel@tonic-gate break; 858*7c478bd9Sstevel@tonic-gate 859*7c478bd9Sstevel@tonic-gate case AC_ARG_LSPOLICY: 860*7c478bd9Sstevel@tonic-gate do_lspolicy(); 861*7c478bd9Sstevel@tonic-gate break; 862*7c478bd9Sstevel@tonic-gate 863*7c478bd9Sstevel@tonic-gate case AC_ARG_SETASID: 864*7c478bd9Sstevel@tonic-gate { 865*7c478bd9Sstevel@tonic-gate char *sid_str; 866*7c478bd9Sstevel@tonic-gate 867*7c478bd9Sstevel@tonic-gate ++argv; 868*7c478bd9Sstevel@tonic-gate sid_str = *argv; 869*7c478bd9Sstevel@tonic-gate ++argv; 870*7c478bd9Sstevel@tonic-gate do_setasid(sid_str, argv); 871*7c478bd9Sstevel@tonic-gate } 872*7c478bd9Sstevel@tonic-gate break; 873*7c478bd9Sstevel@tonic-gate 874*7c478bd9Sstevel@tonic-gate case AC_ARG_SETAUID: 875*7c478bd9Sstevel@tonic-gate { 876*7c478bd9Sstevel@tonic-gate char *user; 877*7c478bd9Sstevel@tonic-gate 878*7c478bd9Sstevel@tonic-gate ++argv; 879*7c478bd9Sstevel@tonic-gate user = *argv; 880*7c478bd9Sstevel@tonic-gate ++argv; 881*7c478bd9Sstevel@tonic-gate do_setauid(user, argv); 882*7c478bd9Sstevel@tonic-gate } 883*7c478bd9Sstevel@tonic-gate break; 884*7c478bd9Sstevel@tonic-gate 885*7c478bd9Sstevel@tonic-gate case AC_ARG_SETAUDIT: 886*7c478bd9Sstevel@tonic-gate { 887*7c478bd9Sstevel@tonic-gate char *user_str; 888*7c478bd9Sstevel@tonic-gate char *mask_str; 889*7c478bd9Sstevel@tonic-gate char *tid_str; 890*7c478bd9Sstevel@tonic-gate char *sid_str; 891*7c478bd9Sstevel@tonic-gate 892*7c478bd9Sstevel@tonic-gate ++argv; 893*7c478bd9Sstevel@tonic-gate user_str = *argv; 894*7c478bd9Sstevel@tonic-gate ++argv; 895*7c478bd9Sstevel@tonic-gate mask_str = *argv; 896*7c478bd9Sstevel@tonic-gate ++argv; 897*7c478bd9Sstevel@tonic-gate tid_str = *argv; 898*7c478bd9Sstevel@tonic-gate ++argv; 899*7c478bd9Sstevel@tonic-gate sid_str = *argv; 900*7c478bd9Sstevel@tonic-gate ++argv; 901*7c478bd9Sstevel@tonic-gate do_setaudit(user_str, mask_str, 902*7c478bd9Sstevel@tonic-gate tid_str, sid_str, argv); 903*7c478bd9Sstevel@tonic-gate } 904*7c478bd9Sstevel@tonic-gate break; 905*7c478bd9Sstevel@tonic-gate 906*7c478bd9Sstevel@tonic-gate case AC_ARG_SETKAUDIT: 907*7c478bd9Sstevel@tonic-gate { 908*7c478bd9Sstevel@tonic-gate char *address_type, *address; 909*7c478bd9Sstevel@tonic-gate 910*7c478bd9Sstevel@tonic-gate ++argv; address_type = *argv; 911*7c478bd9Sstevel@tonic-gate ++argv; address = *argv; 912*7c478bd9Sstevel@tonic-gate do_setkaudit(address_type, address); 913*7c478bd9Sstevel@tonic-gate } 914*7c478bd9Sstevel@tonic-gate break; 915*7c478bd9Sstevel@tonic-gate 916*7c478bd9Sstevel@tonic-gate case AC_ARG_SETCLASS: 917*7c478bd9Sstevel@tonic-gate case AC_ARG_SETESTATE: 918*7c478bd9Sstevel@tonic-gate { 919*7c478bd9Sstevel@tonic-gate char *event_str, *audit_flags; 920*7c478bd9Sstevel@tonic-gate 921*7c478bd9Sstevel@tonic-gate ++argv; event_str = *argv; 922*7c478bd9Sstevel@tonic-gate ++argv; audit_flags = *argv; 923*7c478bd9Sstevel@tonic-gate do_setclass(event_str, audit_flags); 924*7c478bd9Sstevel@tonic-gate } 925*7c478bd9Sstevel@tonic-gate break; 926*7c478bd9Sstevel@tonic-gate 927*7c478bd9Sstevel@tonic-gate case AC_ARG_SETKERNSTATE: 928*7c478bd9Sstevel@tonic-gate case AC_ARG_SETKMASK: 929*7c478bd9Sstevel@tonic-gate ++argv; 930*7c478bd9Sstevel@tonic-gate do_setkmask(*argv); 931*7c478bd9Sstevel@tonic-gate break; 932*7c478bd9Sstevel@tonic-gate 933*7c478bd9Sstevel@tonic-gate case AC_ARG_SETPOLICY: 934*7c478bd9Sstevel@tonic-gate ++argv; 935*7c478bd9Sstevel@tonic-gate do_setpolicy(*argv); 936*7c478bd9Sstevel@tonic-gate break; 937*7c478bd9Sstevel@tonic-gate 938*7c478bd9Sstevel@tonic-gate case AC_ARG_GETPINFO: 939*7c478bd9Sstevel@tonic-gate { 940*7c478bd9Sstevel@tonic-gate char *pid_str; 941*7c478bd9Sstevel@tonic-gate 942*7c478bd9Sstevel@tonic-gate ++argv; 943*7c478bd9Sstevel@tonic-gate pid_str = *argv; 944*7c478bd9Sstevel@tonic-gate do_getpinfo(pid_str); 945*7c478bd9Sstevel@tonic-gate } 946*7c478bd9Sstevel@tonic-gate break; 947*7c478bd9Sstevel@tonic-gate 948*7c478bd9Sstevel@tonic-gate case AC_ARG_SETPMASK: 949*7c478bd9Sstevel@tonic-gate { 950*7c478bd9Sstevel@tonic-gate char *pid_str; 951*7c478bd9Sstevel@tonic-gate char *audit_flags; 952*7c478bd9Sstevel@tonic-gate 953*7c478bd9Sstevel@tonic-gate ++argv; 954*7c478bd9Sstevel@tonic-gate pid_str = *argv; 955*7c478bd9Sstevel@tonic-gate ++argv; 956*7c478bd9Sstevel@tonic-gate audit_flags = *argv; 957*7c478bd9Sstevel@tonic-gate do_setpmask(pid_str, audit_flags); 958*7c478bd9Sstevel@tonic-gate } 959*7c478bd9Sstevel@tonic-gate break; 960*7c478bd9Sstevel@tonic-gate 961*7c478bd9Sstevel@tonic-gate case AC_ARG_SETSTAT: 962*7c478bd9Sstevel@tonic-gate do_setstat(); 963*7c478bd9Sstevel@tonic-gate break; 964*7c478bd9Sstevel@tonic-gate 965*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQBUFSZ: 966*7c478bd9Sstevel@tonic-gate ++argv; 967*7c478bd9Sstevel@tonic-gate do_setqbufsz(*argv); 968*7c478bd9Sstevel@tonic-gate break; 969*7c478bd9Sstevel@tonic-gate 970*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQCTRL: 971*7c478bd9Sstevel@tonic-gate { 972*7c478bd9Sstevel@tonic-gate char *hiwater, *lowater, *bufsz, *delay; 973*7c478bd9Sstevel@tonic-gate 974*7c478bd9Sstevel@tonic-gate ++argv; hiwater = *argv; 975*7c478bd9Sstevel@tonic-gate ++argv; lowater = *argv; 976*7c478bd9Sstevel@tonic-gate ++argv; bufsz = *argv; 977*7c478bd9Sstevel@tonic-gate ++argv; delay = *argv; 978*7c478bd9Sstevel@tonic-gate do_setqctrl(hiwater, lowater, bufsz, delay); 979*7c478bd9Sstevel@tonic-gate } 980*7c478bd9Sstevel@tonic-gate break; 981*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQDELAY: 982*7c478bd9Sstevel@tonic-gate ++argv; 983*7c478bd9Sstevel@tonic-gate do_setqdelay(*argv); 984*7c478bd9Sstevel@tonic-gate break; 985*7c478bd9Sstevel@tonic-gate 986*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQHIWATER: 987*7c478bd9Sstevel@tonic-gate ++argv; 988*7c478bd9Sstevel@tonic-gate do_setqhiwater(*argv); 989*7c478bd9Sstevel@tonic-gate break; 990*7c478bd9Sstevel@tonic-gate 991*7c478bd9Sstevel@tonic-gate case AC_ARG_SETQLOWATER: 992*7c478bd9Sstevel@tonic-gate ++argv; 993*7c478bd9Sstevel@tonic-gate do_setqlowater(*argv); 994*7c478bd9Sstevel@tonic-gate break; 995*7c478bd9Sstevel@tonic-gate 996*7c478bd9Sstevel@tonic-gate case AC_ARG_SETTERMID: 997*7c478bd9Sstevel@tonic-gate ++argv; 998*7c478bd9Sstevel@tonic-gate do_settid(*argv); 999*7c478bd9Sstevel@tonic-gate break; 1000*7c478bd9Sstevel@tonic-gate 1001*7c478bd9Sstevel@tonic-gate case AC_ARG_SETUSERAUDIT: 1002*7c478bd9Sstevel@tonic-gate { 1003*7c478bd9Sstevel@tonic-gate char *user; 1004*7c478bd9Sstevel@tonic-gate char *aflags; 1005*7c478bd9Sstevel@tonic-gate 1006*7c478bd9Sstevel@tonic-gate ++argv; 1007*7c478bd9Sstevel@tonic-gate user = *argv; 1008*7c478bd9Sstevel@tonic-gate ++argv; 1009*7c478bd9Sstevel@tonic-gate aflags = *argv; 1010*7c478bd9Sstevel@tonic-gate do_setuseraudit(user, aflags); 1011*7c478bd9Sstevel@tonic-gate } 1012*7c478bd9Sstevel@tonic-gate break; 1013*7c478bd9Sstevel@tonic-gate case AC_ARG_SETSMASK: 1014*7c478bd9Sstevel@tonic-gate { 1015*7c478bd9Sstevel@tonic-gate char *asid_str; 1016*7c478bd9Sstevel@tonic-gate char *audit_flags; 1017*7c478bd9Sstevel@tonic-gate 1018*7c478bd9Sstevel@tonic-gate ++argv; 1019*7c478bd9Sstevel@tonic-gate asid_str = *argv; 1020*7c478bd9Sstevel@tonic-gate ++argv; 1021*7c478bd9Sstevel@tonic-gate audit_flags = *argv; 1022*7c478bd9Sstevel@tonic-gate do_setsmask(asid_str, audit_flags); 1023*7c478bd9Sstevel@tonic-gate } 1024*7c478bd9Sstevel@tonic-gate break; 1025*7c478bd9Sstevel@tonic-gate case AC_ARG_SETUMASK: 1026*7c478bd9Sstevel@tonic-gate { 1027*7c478bd9Sstevel@tonic-gate char *auid_str; 1028*7c478bd9Sstevel@tonic-gate char *audit_flags; 1029*7c478bd9Sstevel@tonic-gate 1030*7c478bd9Sstevel@tonic-gate ++argv; 1031*7c478bd9Sstevel@tonic-gate auid_str = *argv; 1032*7c478bd9Sstevel@tonic-gate ++argv; 1033*7c478bd9Sstevel@tonic-gate audit_flags = *argv; 1034*7c478bd9Sstevel@tonic-gate do_setumask(auid_str, audit_flags); 1035*7c478bd9Sstevel@tonic-gate } 1036*7c478bd9Sstevel@tonic-gate break; 1037*7c478bd9Sstevel@tonic-gate case AC_ARG_GETFSIZE: 1038*7c478bd9Sstevel@tonic-gate do_getfsize(); 1039*7c478bd9Sstevel@tonic-gate break; 1040*7c478bd9Sstevel@tonic-gate case AC_ARG_SETFSIZE: 1041*7c478bd9Sstevel@tonic-gate ++argv; 1042*7c478bd9Sstevel@tonic-gate do_setfsize(*argv); 1043*7c478bd9Sstevel@tonic-gate break; 1044*7c478bd9Sstevel@tonic-gate 1045*7c478bd9Sstevel@tonic-gate default: 1046*7c478bd9Sstevel@tonic-gate exit_error(gettext("Internal error #2.")); 1047*7c478bd9Sstevel@tonic-gate break; 1048*7c478bd9Sstevel@tonic-gate 1049*7c478bd9Sstevel@tonic-gate } 1050*7c478bd9Sstevel@tonic-gate } 1051*7c478bd9Sstevel@tonic-gate 1052*7c478bd9Sstevel@tonic-gate } 1053*7c478bd9Sstevel@tonic-gate 1054*7c478bd9Sstevel@tonic-gate /* 1055*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1056*7c478bd9Sstevel@tonic-gate * set. 1057*7c478bd9Sstevel@tonic-gate */ 1058*7c478bd9Sstevel@tonic-gate 1059*7c478bd9Sstevel@tonic-gate static void 1060*7c478bd9Sstevel@tonic-gate do_chkconf() 1061*7c478bd9Sstevel@tonic-gate { 1062*7c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 1063*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 1064*7c478bd9Sstevel@tonic-gate char conf_aflags[256]; 1065*7c478bd9Sstevel@tonic-gate char run_aflags[256]; 1066*7c478bd9Sstevel@tonic-gate au_stat_t as; 1067*7c478bd9Sstevel@tonic-gate int class; 1068*7c478bd9Sstevel@tonic-gate int len; 1069*7c478bd9Sstevel@tonic-gate struct au_evclass_map cmap; 1070*7c478bd9Sstevel@tonic-gate 1071*7c478bd9Sstevel@tonic-gate pmask.am_success = pmask.am_failure = 0; 1072*7c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 1073*7c478bd9Sstevel@tonic-gate 1074*7c478bd9Sstevel@tonic-gate setauevent(); 1075*7c478bd9Sstevel@tonic-gate if ((evp = getauevent()) == (au_event_ent_t *)NULL) { 1076*7c478bd9Sstevel@tonic-gate (void) exit_error(gettext( 1077*7c478bd9Sstevel@tonic-gate "NO AUDIT EVENTS: Could not read %s\n."), 1078*7c478bd9Sstevel@tonic-gate AUDITEVENTFILE); 1079*7c478bd9Sstevel@tonic-gate } 1080*7c478bd9Sstevel@tonic-gate 1081*7c478bd9Sstevel@tonic-gate setauevent(); 1082*7c478bd9Sstevel@tonic-gate while ((evp = getauevent()) != (au_event_ent_t *)NULL) { 1083*7c478bd9Sstevel@tonic-gate cmap.ec_number = evp->ae_number; 1084*7c478bd9Sstevel@tonic-gate len = sizeof (struct au_evclass_map); 1085*7c478bd9Sstevel@tonic-gate if (evp->ae_number <= as.as_numevent) 1086*7c478bd9Sstevel@tonic-gate if (auditon(A_GETCLASS, (caddr_t)&cmap, len) == -1) { 1087*7c478bd9Sstevel@tonic-gate (void) printf("%s(%d):%s", 1088*7c478bd9Sstevel@tonic-gate evp->ae_name, evp->ae_number, gettext( 1089*7c478bd9Sstevel@tonic-gate "UNKNOWN EVENT: Could not get class for event. Configuration may be bad.\n")); 1090*7c478bd9Sstevel@tonic-gate } else { 1091*7c478bd9Sstevel@tonic-gate class = cmap.ec_class; 1092*7c478bd9Sstevel@tonic-gate if (class != evp->ae_class) { 1093*7c478bd9Sstevel@tonic-gate conf_aflags[0] = run_aflags[0] = '\0'; 1094*7c478bd9Sstevel@tonic-gate pmask.am_success = class; 1095*7c478bd9Sstevel@tonic-gate pmask.am_failure = class; 1096*7c478bd9Sstevel@tonic-gate (void) getauditflagschar(run_aflags, 1097*7c478bd9Sstevel@tonic-gate &pmask, 0); 1098*7c478bd9Sstevel@tonic-gate pmask.am_success = evp->ae_class; 1099*7c478bd9Sstevel@tonic-gate pmask.am_failure = evp->ae_class; 1100*7c478bd9Sstevel@tonic-gate (void) getauditflagschar(conf_aflags, 1101*7c478bd9Sstevel@tonic-gate &pmask, 0); 1102*7c478bd9Sstevel@tonic-gate 1103*7c478bd9Sstevel@tonic-gate (void) printf(gettext( 1104*7c478bd9Sstevel@tonic-gate "%s(%d): CLASS MISMATCH: runtime class (%s) != configured class (%s)\n"), 1105*7c478bd9Sstevel@tonic-gate evp->ae_name, evp->ae_number, 1106*7c478bd9Sstevel@tonic-gate NONE(run_aflags), NONE(conf_aflags)); 1107*7c478bd9Sstevel@tonic-gate } 1108*7c478bd9Sstevel@tonic-gate } 1109*7c478bd9Sstevel@tonic-gate } 1110*7c478bd9Sstevel@tonic-gate endauevent(); 1111*7c478bd9Sstevel@tonic-gate 1112*7c478bd9Sstevel@tonic-gate } 1113*7c478bd9Sstevel@tonic-gate 1114*7c478bd9Sstevel@tonic-gate /* 1115*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1116*7c478bd9Sstevel@tonic-gate * set. 1117*7c478bd9Sstevel@tonic-gate */ 1118*7c478bd9Sstevel@tonic-gate static void 1119*7c478bd9Sstevel@tonic-gate do_conf() 1120*7c478bd9Sstevel@tonic-gate { 1121*7c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 1122*7c478bd9Sstevel@tonic-gate register int i; 1123*7c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 1124*7c478bd9Sstevel@tonic-gate au_stat_t as; 1125*7c478bd9Sstevel@tonic-gate 1126*7c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 1127*7c478bd9Sstevel@tonic-gate 1128*7c478bd9Sstevel@tonic-gate i = 0; 1129*7c478bd9Sstevel@tonic-gate setauevent(); 1130*7c478bd9Sstevel@tonic-gate while ((evp = getauevent()) != (au_event_ent_t *)NULL) { 1131*7c478bd9Sstevel@tonic-gate if (evp->ae_number <= as.as_numevent) { 1132*7c478bd9Sstevel@tonic-gate ++i; 1133*7c478bd9Sstevel@tonic-gate ec.ec_number = evp->ae_number; 1134*7c478bd9Sstevel@tonic-gate ec.ec_class = evp->ae_class; 1135*7c478bd9Sstevel@tonic-gate eauditon(A_SETCLASS, (caddr_t)&ec, (int)sizeof (ec)); 1136*7c478bd9Sstevel@tonic-gate } 1137*7c478bd9Sstevel@tonic-gate } 1138*7c478bd9Sstevel@tonic-gate endauevent(); 1139*7c478bd9Sstevel@tonic-gate (void) printf(gettext("Configured %d kernel events.\n"), i); 1140*7c478bd9Sstevel@tonic-gate 1141*7c478bd9Sstevel@tonic-gate } 1142*7c478bd9Sstevel@tonic-gate 1143*7c478bd9Sstevel@tonic-gate /* 1144*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1145*7c478bd9Sstevel@tonic-gate * set. 1146*7c478bd9Sstevel@tonic-gate */ 1147*7c478bd9Sstevel@tonic-gate 1148*7c478bd9Sstevel@tonic-gate static void 1149*7c478bd9Sstevel@tonic-gate do_chkaconf() 1150*7c478bd9Sstevel@tonic-gate { 1151*7c478bd9Sstevel@tonic-gate char buf[1024]; 1152*7c478bd9Sstevel@tonic-gate au_mask_t pmask, kmask; 1153*7c478bd9Sstevel@tonic-gate 1154*7c478bd9Sstevel@tonic-gate if (getacna(buf, sizeof (buf)) < 0) { 1155*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1156*7c478bd9Sstevel@tonic-gate gettext("bad non-attributable flags in audit_control\n")); 1157*7c478bd9Sstevel@tonic-gate exit(1); 1158*7c478bd9Sstevel@tonic-gate } 1159*7c478bd9Sstevel@tonic-gate 1160*7c478bd9Sstevel@tonic-gate if (getauditflagsbin(buf, &pmask) < 0) { 1161*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1162*7c478bd9Sstevel@tonic-gate gettext("bad audit flag value encountered\n")); 1163*7c478bd9Sstevel@tonic-gate exit(1); 1164*7c478bd9Sstevel@tonic-gate } 1165*7c478bd9Sstevel@tonic-gate 1166*7c478bd9Sstevel@tonic-gate eauditon(A_GETKMASK, (caddr_t)&kmask, (int)sizeof (kmask)); 1167*7c478bd9Sstevel@tonic-gate 1168*7c478bd9Sstevel@tonic-gate if ((pmask.am_success != kmask.am_success) || 1169*7c478bd9Sstevel@tonic-gate (pmask.am_failure != kmask.am_failure)) { 1170*7c478bd9Sstevel@tonic-gate char kbuf[2048]; 1171*7c478bd9Sstevel@tonic-gate if (getauditflagschar(kbuf, &kmask, 0) < 0) { 1172*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1173*7c478bd9Sstevel@tonic-gate gettext("bad kernel non-attributable mask\n")); 1174*7c478bd9Sstevel@tonic-gate exit(1); 1175*7c478bd9Sstevel@tonic-gate } 1176*7c478bd9Sstevel@tonic-gate (void) printf(gettext("non-attributable event mismatch ")); 1177*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit_control(%s) kernel(%s)\n"), 1178*7c478bd9Sstevel@tonic-gate buf, kbuf); 1179*7c478bd9Sstevel@tonic-gate } 1180*7c478bd9Sstevel@tonic-gate } 1181*7c478bd9Sstevel@tonic-gate 1182*7c478bd9Sstevel@tonic-gate /* 1183*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1184*7c478bd9Sstevel@tonic-gate * set. 1185*7c478bd9Sstevel@tonic-gate */ 1186*7c478bd9Sstevel@tonic-gate 1187*7c478bd9Sstevel@tonic-gate static void 1188*7c478bd9Sstevel@tonic-gate do_aconf() 1189*7c478bd9Sstevel@tonic-gate { 1190*7c478bd9Sstevel@tonic-gate char buf[2048]; 1191*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 1192*7c478bd9Sstevel@tonic-gate 1193*7c478bd9Sstevel@tonic-gate if (getacna(buf, sizeof (buf)) < 0) { 1194*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1195*7c478bd9Sstevel@tonic-gate gettext("bad non-attributable flags in audit_control\n")); 1196*7c478bd9Sstevel@tonic-gate exit(1); 1197*7c478bd9Sstevel@tonic-gate } 1198*7c478bd9Sstevel@tonic-gate 1199*7c478bd9Sstevel@tonic-gate if (getauditflagsbin(buf, &pmask) < 0) { 1200*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1201*7c478bd9Sstevel@tonic-gate gettext("bad audit flag value encountered\n")); 1202*7c478bd9Sstevel@tonic-gate exit(1); 1203*7c478bd9Sstevel@tonic-gate } 1204*7c478bd9Sstevel@tonic-gate 1205*7c478bd9Sstevel@tonic-gate eauditon(A_SETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 1206*7c478bd9Sstevel@tonic-gate 1207*7c478bd9Sstevel@tonic-gate (void) printf(gettext("Configured non-attributable events.\n")); 1208*7c478bd9Sstevel@tonic-gate } 1209*7c478bd9Sstevel@tonic-gate 1210*7c478bd9Sstevel@tonic-gate static void 1211*7c478bd9Sstevel@tonic-gate do_audit(event, sorf, retval, audit_str) 1212*7c478bd9Sstevel@tonic-gate char *event; 1213*7c478bd9Sstevel@tonic-gate char sorf; 1214*7c478bd9Sstevel@tonic-gate int retval; 1215*7c478bd9Sstevel@tonic-gate char *audit_str; 1216*7c478bd9Sstevel@tonic-gate { 1217*7c478bd9Sstevel@tonic-gate int rtn; 1218*7c478bd9Sstevel@tonic-gate int rd; 1219*7c478bd9Sstevel@tonic-gate au_event_t event_num; 1220*7c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 1221*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1222*7c478bd9Sstevel@tonic-gate token_t *tokp; 1223*7c478bd9Sstevel@tonic-gate 1224*7c478bd9Sstevel@tonic-gate egetaudit(&ai, sizeof (ai)); 1225*7c478bd9Sstevel@tonic-gate 1226*7c478bd9Sstevel@tonic-gate if (strisnum(event)) { 1227*7c478bd9Sstevel@tonic-gate event_num = (au_event_t)atoi(event); 1228*7c478bd9Sstevel@tonic-gate evp = egetauevnum(event_num); 1229*7c478bd9Sstevel@tonic-gate } else 1230*7c478bd9Sstevel@tonic-gate evp = egetauevnam(event); 1231*7c478bd9Sstevel@tonic-gate 1232*7c478bd9Sstevel@tonic-gate rtn = au_preselect(evp->ae_number, &ai.ai_mask, (int)sorf, 1233*7c478bd9Sstevel@tonic-gate AU_PRS_USECACHE); 1234*7c478bd9Sstevel@tonic-gate 1235*7c478bd9Sstevel@tonic-gate if (rtn == -1) 1236*7c478bd9Sstevel@tonic-gate exit_error("%s\n%s %d\n", 1237*7c478bd9Sstevel@tonic-gate gettext("Check audit event configuration."), 1238*7c478bd9Sstevel@tonic-gate gettext("Could not get audit class for event number"), 1239*7c478bd9Sstevel@tonic-gate evp->ae_number); 1240*7c478bd9Sstevel@tonic-gate 1241*7c478bd9Sstevel@tonic-gate /* record is preselected */ 1242*7c478bd9Sstevel@tonic-gate if (rtn == 1) { 1243*7c478bd9Sstevel@tonic-gate if ((rd = au_open()) == -1) 1244*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1245*7c478bd9Sstevel@tonic-gate "Could not get and audit record descriptor\n")); 1246*7c478bd9Sstevel@tonic-gate if ((tokp = au_to_me()) == (token_t *)NULL) 1247*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1248*7c478bd9Sstevel@tonic-gate "Could not allocate subject token\n")); 1249*7c478bd9Sstevel@tonic-gate if (au_write(rd, tokp) == -1) 1250*7c478bd9Sstevel@tonic-gate exit_error(gettext("Could not construct subject token of audit record\n")); 1251*7c478bd9Sstevel@tonic-gate if ((tokp = au_to_text(audit_str)) == (token_t *)NULL) 1252*7c478bd9Sstevel@tonic-gate exit_error(gettext("Could not allocate text token\n")); 1253*7c478bd9Sstevel@tonic-gate if (au_write(rd, tokp) == -1) 1254*7c478bd9Sstevel@tonic-gate exit_error(gettext("Could not construct text token of audit record\n")); 1255*7c478bd9Sstevel@tonic-gate #ifdef _LP64 1256*7c478bd9Sstevel@tonic-gate if ((tokp = au_to_return64(sorf, retval)) == (token_t *)NULL) 1257*7c478bd9Sstevel@tonic-gate #else 1258*7c478bd9Sstevel@tonic-gate if ((tokp = au_to_return32(sorf, retval)) == (token_t *)NULL) 1259*7c478bd9Sstevel@tonic-gate #endif 1260*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1261*7c478bd9Sstevel@tonic-gate "Could not allocate return token\n")); 1262*7c478bd9Sstevel@tonic-gate if (au_write(rd, tokp) == -1) 1263*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1264*7c478bd9Sstevel@tonic-gate "Could not construct return token of audit record\n")); 1265*7c478bd9Sstevel@tonic-gate if (au_close(rd, 1, evp->ae_number) == -1) 1266*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1267*7c478bd9Sstevel@tonic-gate "Could not write audit record: %s\n"), 1268*7c478bd9Sstevel@tonic-gate strerror(errno)); 1269*7c478bd9Sstevel@tonic-gate } 1270*7c478bd9Sstevel@tonic-gate } 1271*7c478bd9Sstevel@tonic-gate 1272*7c478bd9Sstevel@tonic-gate static void 1273*7c478bd9Sstevel@tonic-gate do_getauid() 1274*7c478bd9Sstevel@tonic-gate { 1275*7c478bd9Sstevel@tonic-gate au_id_t auid; 1276*7c478bd9Sstevel@tonic-gate 1277*7c478bd9Sstevel@tonic-gate egetauid(&auid); 1278*7c478bd9Sstevel@tonic-gate print_auid(auid); 1279*7c478bd9Sstevel@tonic-gate } 1280*7c478bd9Sstevel@tonic-gate 1281*7c478bd9Sstevel@tonic-gate static void 1282*7c478bd9Sstevel@tonic-gate do_getaudit() 1283*7c478bd9Sstevel@tonic-gate { 1284*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1285*7c478bd9Sstevel@tonic-gate 1286*7c478bd9Sstevel@tonic-gate egetaudit(&ai, sizeof (ai)); 1287*7c478bd9Sstevel@tonic-gate print_auid(ai.ai_auid); 1288*7c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &ai.ai_mask); 1289*7c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 1290*7c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 1291*7c478bd9Sstevel@tonic-gate } 1292*7c478bd9Sstevel@tonic-gate 1293*7c478bd9Sstevel@tonic-gate static void 1294*7c478bd9Sstevel@tonic-gate do_getkaudit() 1295*7c478bd9Sstevel@tonic-gate { 1296*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1297*7c478bd9Sstevel@tonic-gate 1298*7c478bd9Sstevel@tonic-gate egetkaudit(&ai, sizeof (ai)); 1299*7c478bd9Sstevel@tonic-gate print_auid(ai.ai_auid); 1300*7c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &ai.ai_mask); 1301*7c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 1302*7c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 1303*7c478bd9Sstevel@tonic-gate } 1304*7c478bd9Sstevel@tonic-gate 1305*7c478bd9Sstevel@tonic-gate /* 1306*7c478bd9Sstevel@tonic-gate * per zone if AUDIT_PERZONE set, else only in global zone. 1307*7c478bd9Sstevel@tonic-gate */ 1308*7c478bd9Sstevel@tonic-gate 1309*7c478bd9Sstevel@tonic-gate static void 1310*7c478bd9Sstevel@tonic-gate do_setkaudit(t, s) 1311*7c478bd9Sstevel@tonic-gate char *t; 1312*7c478bd9Sstevel@tonic-gate char *s; 1313*7c478bd9Sstevel@tonic-gate { 1314*7c478bd9Sstevel@tonic-gate uint_t type; 1315*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1316*7c478bd9Sstevel@tonic-gate 1317*7c478bd9Sstevel@tonic-gate egetkaudit(&ai, sizeof (ai)); 1318*7c478bd9Sstevel@tonic-gate (void) str2type(t, &type); 1319*7c478bd9Sstevel@tonic-gate (void) str2ipaddr(s, &ai.ai_termid.at_addr[0], type); 1320*7c478bd9Sstevel@tonic-gate ai.ai_termid.at_type = type; 1321*7c478bd9Sstevel@tonic-gate esetkaudit(&ai, sizeof (ai)); 1322*7c478bd9Sstevel@tonic-gate } 1323*7c478bd9Sstevel@tonic-gate 1324*7c478bd9Sstevel@tonic-gate /* 1325*7c478bd9Sstevel@tonic-gate * returns zone-relative root 1326*7c478bd9Sstevel@tonic-gate */ 1327*7c478bd9Sstevel@tonic-gate 1328*7c478bd9Sstevel@tonic-gate static void 1329*7c478bd9Sstevel@tonic-gate do_getcar() 1330*7c478bd9Sstevel@tonic-gate { 1331*7c478bd9Sstevel@tonic-gate char path[MAXPATHLEN]; 1332*7c478bd9Sstevel@tonic-gate 1333*7c478bd9Sstevel@tonic-gate eauditon(A_GETCAR, (caddr_t)path, (int)sizeof (path)); 1334*7c478bd9Sstevel@tonic-gate (void) printf(gettext("current active root = %s\n"), path); 1335*7c478bd9Sstevel@tonic-gate } 1336*7c478bd9Sstevel@tonic-gate 1337*7c478bd9Sstevel@tonic-gate /* 1338*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1339*7c478bd9Sstevel@tonic-gate * set. 1340*7c478bd9Sstevel@tonic-gate */ 1341*7c478bd9Sstevel@tonic-gate 1342*7c478bd9Sstevel@tonic-gate static void 1343*7c478bd9Sstevel@tonic-gate do_getclass(event_str) 1344*7c478bd9Sstevel@tonic-gate char *event_str; 1345*7c478bd9Sstevel@tonic-gate { 1346*7c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 1347*7c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 1348*7c478bd9Sstevel@tonic-gate au_event_t event_number; 1349*7c478bd9Sstevel@tonic-gate char *event_name; 1350*7c478bd9Sstevel@tonic-gate char desc[256]; 1351*7c478bd9Sstevel@tonic-gate 1352*7c478bd9Sstevel@tonic-gate if (strisnum(event_str)) { 1353*7c478bd9Sstevel@tonic-gate event_number = atol(event_str); 1354*7c478bd9Sstevel@tonic-gate if ((evp = egetauevnum(event_number)) != 1355*7c478bd9Sstevel@tonic-gate (au_event_ent_t *)NULL) { 1356*7c478bd9Sstevel@tonic-gate event_number = evp->ae_number; 1357*7c478bd9Sstevel@tonic-gate event_name = evp->ae_name; 1358*7c478bd9Sstevel@tonic-gate } else 1359*7c478bd9Sstevel@tonic-gate event_name = gettext("unknown"); 1360*7c478bd9Sstevel@tonic-gate } else { 1361*7c478bd9Sstevel@tonic-gate event_name = event_str; 1362*7c478bd9Sstevel@tonic-gate if ((evp = egetauevnam(event_str)) != (au_event_ent_t *)NULL) 1363*7c478bd9Sstevel@tonic-gate event_number = evp->ae_number; 1364*7c478bd9Sstevel@tonic-gate } 1365*7c478bd9Sstevel@tonic-gate 1366*7c478bd9Sstevel@tonic-gate ec.ec_number = event_number; 1367*7c478bd9Sstevel@tonic-gate eauditon(A_GETCLASS, (caddr_t)&ec, 0); 1368*7c478bd9Sstevel@tonic-gate 1369*7c478bd9Sstevel@tonic-gate (void) sprintf(desc, gettext("audit class mask for event %s(%d)"), 1370*7c478bd9Sstevel@tonic-gate event_name, event_number); 1371*7c478bd9Sstevel@tonic-gate print_mask1(desc, ec.ec_class); 1372*7c478bd9Sstevel@tonic-gate } 1373*7c478bd9Sstevel@tonic-gate 1374*7c478bd9Sstevel@tonic-gate /* 1375*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1376*7c478bd9Sstevel@tonic-gate * set. (AUC_DISABLED is always global, the other states are per zone 1377*7c478bd9Sstevel@tonic-gate * if AUDIT_PERZONE is set) 1378*7c478bd9Sstevel@tonic-gate */ 1379*7c478bd9Sstevel@tonic-gate 1380*7c478bd9Sstevel@tonic-gate static void 1381*7c478bd9Sstevel@tonic-gate do_getcond() 1382*7c478bd9Sstevel@tonic-gate { 1383*7c478bd9Sstevel@tonic-gate char cond_str[16]; 1384*7c478bd9Sstevel@tonic-gate uint_t cond; 1385*7c478bd9Sstevel@tonic-gate 1386*7c478bd9Sstevel@tonic-gate eauditon(A_GETCOND, (caddr_t)&cond, (int)sizeof (cond)); 1387*7c478bd9Sstevel@tonic-gate 1388*7c478bd9Sstevel@tonic-gate (void) cond2str(cond, cond_str); 1389*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit condition = %s\n"), cond_str); 1390*7c478bd9Sstevel@tonic-gate } 1391*7c478bd9Sstevel@tonic-gate 1392*7c478bd9Sstevel@tonic-gate /* 1393*7c478bd9Sstevel@tonic-gate * returned path is relative to zone root 1394*7c478bd9Sstevel@tonic-gate */ 1395*7c478bd9Sstevel@tonic-gate 1396*7c478bd9Sstevel@tonic-gate static void 1397*7c478bd9Sstevel@tonic-gate do_getcwd() 1398*7c478bd9Sstevel@tonic-gate { 1399*7c478bd9Sstevel@tonic-gate char path[MAXPATHLEN]; 1400*7c478bd9Sstevel@tonic-gate 1401*7c478bd9Sstevel@tonic-gate eauditon(A_GETCWD, (caddr_t)path, (int)sizeof (path)); 1402*7c478bd9Sstevel@tonic-gate (void) printf(gettext("current working directory = %s\n"), path); 1403*7c478bd9Sstevel@tonic-gate } 1404*7c478bd9Sstevel@tonic-gate 1405*7c478bd9Sstevel@tonic-gate /* 1406*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1407*7c478bd9Sstevel@tonic-gate * set. 1408*7c478bd9Sstevel@tonic-gate */ 1409*7c478bd9Sstevel@tonic-gate 1410*7c478bd9Sstevel@tonic-gate static void 1411*7c478bd9Sstevel@tonic-gate do_getkmask() 1412*7c478bd9Sstevel@tonic-gate { 1413*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 1414*7c478bd9Sstevel@tonic-gate 1415*7c478bd9Sstevel@tonic-gate eauditon(A_GETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 1416*7c478bd9Sstevel@tonic-gate print_mask(gettext("audit flags for non-attributable events"), &pmask); 1417*7c478bd9Sstevel@tonic-gate } 1418*7c478bd9Sstevel@tonic-gate 1419*7c478bd9Sstevel@tonic-gate /* 1420*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1421*7c478bd9Sstevel@tonic-gate * set. (some policies can only be set from the global zone, but all 1422*7c478bd9Sstevel@tonic-gate * can be read from anywhere.) 1423*7c478bd9Sstevel@tonic-gate */ 1424*7c478bd9Sstevel@tonic-gate 1425*7c478bd9Sstevel@tonic-gate static void 1426*7c478bd9Sstevel@tonic-gate do_getpolicy() 1427*7c478bd9Sstevel@tonic-gate { 1428*7c478bd9Sstevel@tonic-gate char policy_str[1024]; 1429*7c478bd9Sstevel@tonic-gate uint_t policy; 1430*7c478bd9Sstevel@tonic-gate 1431*7c478bd9Sstevel@tonic-gate eauditon(A_GETPOLICY, (caddr_t)&policy, 0); 1432*7c478bd9Sstevel@tonic-gate (void) policy2str(policy, policy_str, sizeof (policy_str)); 1433*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit policies = %s\n"), policy_str); 1434*7c478bd9Sstevel@tonic-gate } 1435*7c478bd9Sstevel@tonic-gate 1436*7c478bd9Sstevel@tonic-gate static void 1437*7c478bd9Sstevel@tonic-gate do_getpinfo(pid_str) 1438*7c478bd9Sstevel@tonic-gate char *pid_str; 1439*7c478bd9Sstevel@tonic-gate { 1440*7c478bd9Sstevel@tonic-gate struct auditpinfo_addr ap; 1441*7c478bd9Sstevel@tonic-gate 1442*7c478bd9Sstevel@tonic-gate if (strisnum(pid_str)) 1443*7c478bd9Sstevel@tonic-gate ap.ap_pid = (pid_t)atoi(pid_str); 1444*7c478bd9Sstevel@tonic-gate else 1445*7c478bd9Sstevel@tonic-gate exit_usage(1); 1446*7c478bd9Sstevel@tonic-gate 1447*7c478bd9Sstevel@tonic-gate eauditon(A_GETPINFO_ADDR, (caddr_t)&ap, sizeof (ap)); 1448*7c478bd9Sstevel@tonic-gate 1449*7c478bd9Sstevel@tonic-gate print_auid(ap.ap_auid); 1450*7c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &(ap.ap_mask)); 1451*7c478bd9Sstevel@tonic-gate print_tid_ex(&(ap.ap_termid)); 1452*7c478bd9Sstevel@tonic-gate print_asid(ap.ap_asid); 1453*7c478bd9Sstevel@tonic-gate } 1454*7c478bd9Sstevel@tonic-gate 1455*7c478bd9Sstevel@tonic-gate /* 1456*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1457*7c478bd9Sstevel@tonic-gate * set. 1458*7c478bd9Sstevel@tonic-gate */ 1459*7c478bd9Sstevel@tonic-gate 1460*7c478bd9Sstevel@tonic-gate static void 1461*7c478bd9Sstevel@tonic-gate do_getqbufsz() 1462*7c478bd9Sstevel@tonic-gate { 1463*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1464*7c478bd9Sstevel@tonic-gate 1465*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1466*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue buffer size (bytes) = %ld\n"), 1467*7c478bd9Sstevel@tonic-gate qctrl.aq_bufsz); 1468*7c478bd9Sstevel@tonic-gate } 1469*7c478bd9Sstevel@tonic-gate 1470*7c478bd9Sstevel@tonic-gate /* 1471*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1472*7c478bd9Sstevel@tonic-gate * set. 1473*7c478bd9Sstevel@tonic-gate */ 1474*7c478bd9Sstevel@tonic-gate 1475*7c478bd9Sstevel@tonic-gate static void 1476*7c478bd9Sstevel@tonic-gate do_getqctrl() 1477*7c478bd9Sstevel@tonic-gate { 1478*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1479*7c478bd9Sstevel@tonic-gate 1480*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1481*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue hiwater mark (records) = %ld\n"), 1482*7c478bd9Sstevel@tonic-gate qctrl.aq_hiwater); 1483*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue lowater mark (records) = %ld\n"), 1484*7c478bd9Sstevel@tonic-gate qctrl.aq_lowater); 1485*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue buffer size (bytes) = %ld\n"), 1486*7c478bd9Sstevel@tonic-gate qctrl.aq_bufsz); 1487*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue delay (ticks) = %ld\n"), 1488*7c478bd9Sstevel@tonic-gate qctrl.aq_delay); 1489*7c478bd9Sstevel@tonic-gate } 1490*7c478bd9Sstevel@tonic-gate 1491*7c478bd9Sstevel@tonic-gate /* 1492*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1493*7c478bd9Sstevel@tonic-gate * set. 1494*7c478bd9Sstevel@tonic-gate */ 1495*7c478bd9Sstevel@tonic-gate 1496*7c478bd9Sstevel@tonic-gate static void 1497*7c478bd9Sstevel@tonic-gate do_getqdelay() 1498*7c478bd9Sstevel@tonic-gate { 1499*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1500*7c478bd9Sstevel@tonic-gate 1501*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1502*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue delay (ticks) = %ld\n"), 1503*7c478bd9Sstevel@tonic-gate qctrl.aq_delay); 1504*7c478bd9Sstevel@tonic-gate } 1505*7c478bd9Sstevel@tonic-gate 1506*7c478bd9Sstevel@tonic-gate /* 1507*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1508*7c478bd9Sstevel@tonic-gate * set. 1509*7c478bd9Sstevel@tonic-gate */ 1510*7c478bd9Sstevel@tonic-gate 1511*7c478bd9Sstevel@tonic-gate static void 1512*7c478bd9Sstevel@tonic-gate do_getqhiwater() 1513*7c478bd9Sstevel@tonic-gate { 1514*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1515*7c478bd9Sstevel@tonic-gate 1516*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1517*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue hiwater mark (records) = %ld\n"), 1518*7c478bd9Sstevel@tonic-gate qctrl.aq_hiwater); 1519*7c478bd9Sstevel@tonic-gate } 1520*7c478bd9Sstevel@tonic-gate 1521*7c478bd9Sstevel@tonic-gate /* 1522*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1523*7c478bd9Sstevel@tonic-gate * set. 1524*7c478bd9Sstevel@tonic-gate */ 1525*7c478bd9Sstevel@tonic-gate 1526*7c478bd9Sstevel@tonic-gate static void 1527*7c478bd9Sstevel@tonic-gate do_getqlowater() 1528*7c478bd9Sstevel@tonic-gate { 1529*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1530*7c478bd9Sstevel@tonic-gate 1531*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1532*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit queue lowater mark (records) = %ld\n"), 1533*7c478bd9Sstevel@tonic-gate qctrl.aq_lowater); 1534*7c478bd9Sstevel@tonic-gate } 1535*7c478bd9Sstevel@tonic-gate 1536*7c478bd9Sstevel@tonic-gate static void 1537*7c478bd9Sstevel@tonic-gate do_getasid() 1538*7c478bd9Sstevel@tonic-gate { 1539*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1540*7c478bd9Sstevel@tonic-gate 1541*7c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 1542*7c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 1543*7c478bd9Sstevel@tonic-gate } 1544*7c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 1545*7c478bd9Sstevel@tonic-gate } 1546*7c478bd9Sstevel@tonic-gate 1547*7c478bd9Sstevel@tonic-gate /* 1548*7c478bd9Sstevel@tonic-gate * The stats are for the entire system unless AUDIT_PERZONE is set. 1549*7c478bd9Sstevel@tonic-gate */ 1550*7c478bd9Sstevel@tonic-gate 1551*7c478bd9Sstevel@tonic-gate static void 1552*7c478bd9Sstevel@tonic-gate do_getstat() 1553*7c478bd9Sstevel@tonic-gate { 1554*7c478bd9Sstevel@tonic-gate au_stat_t as; 1555*7c478bd9Sstevel@tonic-gate 1556*7c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 1557*7c478bd9Sstevel@tonic-gate print_stats(&as); 1558*7c478bd9Sstevel@tonic-gate } 1559*7c478bd9Sstevel@tonic-gate 1560*7c478bd9Sstevel@tonic-gate static void 1561*7c478bd9Sstevel@tonic-gate do_gettermid() 1562*7c478bd9Sstevel@tonic-gate { 1563*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1564*7c478bd9Sstevel@tonic-gate 1565*7c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 1566*7c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 1567*7c478bd9Sstevel@tonic-gate } 1568*7c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 1569*7c478bd9Sstevel@tonic-gate } 1570*7c478bd9Sstevel@tonic-gate 1571*7c478bd9Sstevel@tonic-gate /* 1572*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1573*7c478bd9Sstevel@tonic-gate * set. 1574*7c478bd9Sstevel@tonic-gate */ 1575*7c478bd9Sstevel@tonic-gate 1576*7c478bd9Sstevel@tonic-gate static void 1577*7c478bd9Sstevel@tonic-gate do_getfsize() 1578*7c478bd9Sstevel@tonic-gate { 1579*7c478bd9Sstevel@tonic-gate au_fstat_t fstat; 1580*7c478bd9Sstevel@tonic-gate 1581*7c478bd9Sstevel@tonic-gate eauditon(A_GETFSIZE, (caddr_t)&fstat, 0); 1582*7c478bd9Sstevel@tonic-gate (void) printf(gettext("Maximum file size %d, current file size %d\n"), 1583*7c478bd9Sstevel@tonic-gate fstat.af_filesz, fstat.af_currsz); 1584*7c478bd9Sstevel@tonic-gate } 1585*7c478bd9Sstevel@tonic-gate 1586*7c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 1587*7c478bd9Sstevel@tonic-gate static void 1588*7c478bd9Sstevel@tonic-gate do_getuseraudit(user) 1589*7c478bd9Sstevel@tonic-gate char *user; 1590*7c478bd9Sstevel@tonic-gate { 1591*7c478bd9Sstevel@tonic-gate (void) printf(gettext("-getuseraudit supported on SunOS CMW only.\n")); 1592*7c478bd9Sstevel@tonic-gate } 1593*7c478bd9Sstevel@tonic-gate 1594*7c478bd9Sstevel@tonic-gate /* 1595*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1596*7c478bd9Sstevel@tonic-gate * set. 1597*7c478bd9Sstevel@tonic-gate */ 1598*7c478bd9Sstevel@tonic-gate 1599*7c478bd9Sstevel@tonic-gate static void 1600*7c478bd9Sstevel@tonic-gate do_lsevent() 1601*7c478bd9Sstevel@tonic-gate { 1602*7c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 1603*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 1604*7c478bd9Sstevel@tonic-gate char auflags[256]; 1605*7c478bd9Sstevel@tonic-gate 1606*7c478bd9Sstevel@tonic-gate setauevent(); 1607*7c478bd9Sstevel@tonic-gate if ((evp = getauevent()) == (au_event_ent_t *)NULL) { 1608*7c478bd9Sstevel@tonic-gate (void) exit_error(gettext( 1609*7c478bd9Sstevel@tonic-gate "NO AUDIT EVENTS: Could not read %s\n."), 1610*7c478bd9Sstevel@tonic-gate AUDITEVENTFILE); 1611*7c478bd9Sstevel@tonic-gate } 1612*7c478bd9Sstevel@tonic-gate 1613*7c478bd9Sstevel@tonic-gate setauevent(); 1614*7c478bd9Sstevel@tonic-gate while ((evp = getauevent()) != (au_event_ent_t *)NULL) { 1615*7c478bd9Sstevel@tonic-gate pmask.am_success = pmask.am_failure = evp->ae_class; 1616*7c478bd9Sstevel@tonic-gate if (getauditflagschar(auflags, &pmask, 0) == -1) 1617*7c478bd9Sstevel@tonic-gate (void) strcpy(auflags, "unknown"); 1618*7c478bd9Sstevel@tonic-gate (void) printf("%-30s %5d %s %s\n", 1619*7c478bd9Sstevel@tonic-gate evp->ae_name, evp->ae_number, auflags, evp->ae_desc); 1620*7c478bd9Sstevel@tonic-gate } 1621*7c478bd9Sstevel@tonic-gate endauevent(); 1622*7c478bd9Sstevel@tonic-gate } 1623*7c478bd9Sstevel@tonic-gate 1624*7c478bd9Sstevel@tonic-gate /* 1625*7c478bd9Sstevel@tonic-gate * The returned value is for the global zone unless AUDIT_PERZONE is 1626*7c478bd9Sstevel@tonic-gate * set. 1627*7c478bd9Sstevel@tonic-gate */ 1628*7c478bd9Sstevel@tonic-gate 1629*7c478bd9Sstevel@tonic-gate static void 1630*7c478bd9Sstevel@tonic-gate do_lspolicy() 1631*7c478bd9Sstevel@tonic-gate { 1632*7c478bd9Sstevel@tonic-gate int i; 1633*7c478bd9Sstevel@tonic-gate 1634*7c478bd9Sstevel@tonic-gate /* 1635*7c478bd9Sstevel@tonic-gate * TRANSLATION_NOTE 1636*7c478bd9Sstevel@tonic-gate * Print a properly aligned header. 1637*7c478bd9Sstevel@tonic-gate */ 1638*7c478bd9Sstevel@tonic-gate (void) printf(gettext("policy string description:\n")); 1639*7c478bd9Sstevel@tonic-gate for (i = 0; i < POLICY_TBL_SZ; i++) 1640*7c478bd9Sstevel@tonic-gate (void) printf("%-17s%s\n", 1641*7c478bd9Sstevel@tonic-gate policy_table[i].policy_str, 1642*7c478bd9Sstevel@tonic-gate gettext(policy_table[i].policy_desc)); 1643*7c478bd9Sstevel@tonic-gate } 1644*7c478bd9Sstevel@tonic-gate 1645*7c478bd9Sstevel@tonic-gate static void 1646*7c478bd9Sstevel@tonic-gate do_setasid(sid_str, argv) 1647*7c478bd9Sstevel@tonic-gate char *sid_str; 1648*7c478bd9Sstevel@tonic-gate char **argv; 1649*7c478bd9Sstevel@tonic-gate { 1650*7c478bd9Sstevel@tonic-gate struct auditinfo_addr ai; 1651*7c478bd9Sstevel@tonic-gate 1652*7c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 1653*7c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 1654*7c478bd9Sstevel@tonic-gate } 1655*7c478bd9Sstevel@tonic-gate ai.ai_asid = (au_asid_t)atol(sid_str); 1656*7c478bd9Sstevel@tonic-gate if (setaudit_addr(&ai, sizeof (ai))) { 1657*7c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed")); 1658*7c478bd9Sstevel@tonic-gate } 1659*7c478bd9Sstevel@tonic-gate execit(argv); 1660*7c478bd9Sstevel@tonic-gate } 1661*7c478bd9Sstevel@tonic-gate 1662*7c478bd9Sstevel@tonic-gate static void 1663*7c478bd9Sstevel@tonic-gate do_setaudit(user_str, mask_str, tid_str, sid_str, argv) 1664*7c478bd9Sstevel@tonic-gate char *user_str; 1665*7c478bd9Sstevel@tonic-gate char *mask_str; 1666*7c478bd9Sstevel@tonic-gate char *tid_str; 1667*7c478bd9Sstevel@tonic-gate char *sid_str; 1668*7c478bd9Sstevel@tonic-gate char **argv; 1669*7c478bd9Sstevel@tonic-gate { 1670*7c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 1671*7c478bd9Sstevel@tonic-gate 1672*7c478bd9Sstevel@tonic-gate ai.ai_auid = (au_id_t)get_user_id(user_str); 1673*7c478bd9Sstevel@tonic-gate str2mask(mask_str, &ai.ai_mask), 1674*7c478bd9Sstevel@tonic-gate str2tid(tid_str, &ai.ai_termid); 1675*7c478bd9Sstevel@tonic-gate ai.ai_asid = (au_asid_t)atol(sid_str); 1676*7c478bd9Sstevel@tonic-gate 1677*7c478bd9Sstevel@tonic-gate esetaudit(&ai, sizeof (ai)); 1678*7c478bd9Sstevel@tonic-gate execit(argv); 1679*7c478bd9Sstevel@tonic-gate } 1680*7c478bd9Sstevel@tonic-gate 1681*7c478bd9Sstevel@tonic-gate static void 1682*7c478bd9Sstevel@tonic-gate do_setauid(user, argv) 1683*7c478bd9Sstevel@tonic-gate char *user; 1684*7c478bd9Sstevel@tonic-gate char **argv; 1685*7c478bd9Sstevel@tonic-gate { 1686*7c478bd9Sstevel@tonic-gate au_id_t auid; 1687*7c478bd9Sstevel@tonic-gate 1688*7c478bd9Sstevel@tonic-gate auid = get_user_id(user); 1689*7c478bd9Sstevel@tonic-gate esetauid(&auid); 1690*7c478bd9Sstevel@tonic-gate execit(argv); 1691*7c478bd9Sstevel@tonic-gate } 1692*7c478bd9Sstevel@tonic-gate 1693*7c478bd9Sstevel@tonic-gate static void 1694*7c478bd9Sstevel@tonic-gate do_setpmask(pid_str, audit_flags) 1695*7c478bd9Sstevel@tonic-gate char *pid_str; 1696*7c478bd9Sstevel@tonic-gate char *audit_flags; 1697*7c478bd9Sstevel@tonic-gate { 1698*7c478bd9Sstevel@tonic-gate struct auditpinfo ap; 1699*7c478bd9Sstevel@tonic-gate 1700*7c478bd9Sstevel@tonic-gate if (strisnum(pid_str)) 1701*7c478bd9Sstevel@tonic-gate ap.ap_pid = (pid_t)atoi(pid_str); 1702*7c478bd9Sstevel@tonic-gate else 1703*7c478bd9Sstevel@tonic-gate exit_usage(1); 1704*7c478bd9Sstevel@tonic-gate 1705*7c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ap.ap_mask); 1706*7c478bd9Sstevel@tonic-gate 1707*7c478bd9Sstevel@tonic-gate eauditon(A_SETPMASK, (caddr_t)&ap, (int)sizeof (ap)); 1708*7c478bd9Sstevel@tonic-gate } 1709*7c478bd9Sstevel@tonic-gate 1710*7c478bd9Sstevel@tonic-gate static void 1711*7c478bd9Sstevel@tonic-gate do_setsmask(asid_str, audit_flags) 1712*7c478bd9Sstevel@tonic-gate char *asid_str; 1713*7c478bd9Sstevel@tonic-gate char *audit_flags; 1714*7c478bd9Sstevel@tonic-gate { 1715*7c478bd9Sstevel@tonic-gate struct auditinfo ainfo; 1716*7c478bd9Sstevel@tonic-gate 1717*7c478bd9Sstevel@tonic-gate if (strisnum(asid_str)) 1718*7c478bd9Sstevel@tonic-gate ainfo.ai_asid = (pid_t)atoi(asid_str); 1719*7c478bd9Sstevel@tonic-gate else 1720*7c478bd9Sstevel@tonic-gate exit_usage(1); 1721*7c478bd9Sstevel@tonic-gate 1722*7c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ainfo.ai_mask); 1723*7c478bd9Sstevel@tonic-gate 1724*7c478bd9Sstevel@tonic-gate eauditon(A_SETSMASK, (caddr_t)&ainfo, (int)sizeof (ainfo)); 1725*7c478bd9Sstevel@tonic-gate } 1726*7c478bd9Sstevel@tonic-gate 1727*7c478bd9Sstevel@tonic-gate static void 1728*7c478bd9Sstevel@tonic-gate do_setumask(auid_str, audit_flags) 1729*7c478bd9Sstevel@tonic-gate char *auid_str; 1730*7c478bd9Sstevel@tonic-gate char *audit_flags; 1731*7c478bd9Sstevel@tonic-gate { 1732*7c478bd9Sstevel@tonic-gate struct auditinfo ainfo; 1733*7c478bd9Sstevel@tonic-gate 1734*7c478bd9Sstevel@tonic-gate if (strisnum(auid_str)) 1735*7c478bd9Sstevel@tonic-gate ainfo.ai_auid = (pid_t)atoi(auid_str); 1736*7c478bd9Sstevel@tonic-gate else 1737*7c478bd9Sstevel@tonic-gate exit_usage(1); 1738*7c478bd9Sstevel@tonic-gate 1739*7c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ainfo.ai_mask); 1740*7c478bd9Sstevel@tonic-gate 1741*7c478bd9Sstevel@tonic-gate eauditon(A_SETUMASK, (caddr_t)&ainfo, (int)sizeof (ainfo)); 1742*7c478bd9Sstevel@tonic-gate } 1743*7c478bd9Sstevel@tonic-gate 1744*7c478bd9Sstevel@tonic-gate /* 1745*7c478bd9Sstevel@tonic-gate * local zone use is valid if AUDIT_PERZONE is set, otherwise the 1746*7c478bd9Sstevel@tonic-gate * syscall returns EPERM. 1747*7c478bd9Sstevel@tonic-gate */ 1748*7c478bd9Sstevel@tonic-gate 1749*7c478bd9Sstevel@tonic-gate static void 1750*7c478bd9Sstevel@tonic-gate do_setstat() 1751*7c478bd9Sstevel@tonic-gate { 1752*7c478bd9Sstevel@tonic-gate au_stat_t as; 1753*7c478bd9Sstevel@tonic-gate 1754*7c478bd9Sstevel@tonic-gate as.as_audit = (uint_t)-1; 1755*7c478bd9Sstevel@tonic-gate as.as_auditctl = (uint_t)-1; 1756*7c478bd9Sstevel@tonic-gate as.as_dropped = (uint_t)-1; 1757*7c478bd9Sstevel@tonic-gate as.as_enqueue = (uint_t)-1; 1758*7c478bd9Sstevel@tonic-gate as.as_generated = (uint_t)-1; 1759*7c478bd9Sstevel@tonic-gate as.as_kernel = (uint_t)-1; 1760*7c478bd9Sstevel@tonic-gate as.as_nonattrib = (uint_t)-1; 1761*7c478bd9Sstevel@tonic-gate as.as_rblocked = (uint_t)-1; 1762*7c478bd9Sstevel@tonic-gate as.as_totalsize = (uint_t)-1; 1763*7c478bd9Sstevel@tonic-gate as.as_wblocked = (uint_t)-1; 1764*7c478bd9Sstevel@tonic-gate as.as_written = (uint_t)-1; 1765*7c478bd9Sstevel@tonic-gate 1766*7c478bd9Sstevel@tonic-gate eauditon(A_SETSTAT, (caddr_t)&as, (int)sizeof (as)); 1767*7c478bd9Sstevel@tonic-gate (void) puts(gettext("audit stats reset")); 1768*7c478bd9Sstevel@tonic-gate } 1769*7c478bd9Sstevel@tonic-gate 1770*7c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 1771*7c478bd9Sstevel@tonic-gate static void 1772*7c478bd9Sstevel@tonic-gate do_setuseraudit(user, auditflags) 1773*7c478bd9Sstevel@tonic-gate char *user; 1774*7c478bd9Sstevel@tonic-gate char *auditflags; 1775*7c478bd9Sstevel@tonic-gate { 1776*7c478bd9Sstevel@tonic-gate (void) printf(gettext("-setuseraudit supported on SunOS CMW only.\n")); 1777*7c478bd9Sstevel@tonic-gate } 1778*7c478bd9Sstevel@tonic-gate 1779*7c478bd9Sstevel@tonic-gate /* 1780*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1781*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1782*7c478bd9Sstevel@tonic-gate */ 1783*7c478bd9Sstevel@tonic-gate 1784*7c478bd9Sstevel@tonic-gate static void 1785*7c478bd9Sstevel@tonic-gate do_setclass(event_str, audit_flags) 1786*7c478bd9Sstevel@tonic-gate char *event_str; 1787*7c478bd9Sstevel@tonic-gate char *audit_flags; 1788*7c478bd9Sstevel@tonic-gate { 1789*7c478bd9Sstevel@tonic-gate au_event_t event; 1790*7c478bd9Sstevel@tonic-gate int mask; 1791*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 1792*7c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 1793*7c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 1794*7c478bd9Sstevel@tonic-gate 1795*7c478bd9Sstevel@tonic-gate if (strisnum(event_str)) 1796*7c478bd9Sstevel@tonic-gate event = (uint_t)atol(event_str); 1797*7c478bd9Sstevel@tonic-gate else { 1798*7c478bd9Sstevel@tonic-gate if ((evp = egetauevnam(event_str)) != (au_event_ent_t *)NULL) 1799*7c478bd9Sstevel@tonic-gate event = evp->ae_number; 1800*7c478bd9Sstevel@tonic-gate } 1801*7c478bd9Sstevel@tonic-gate 1802*7c478bd9Sstevel@tonic-gate if (strisnum(audit_flags)) 1803*7c478bd9Sstevel@tonic-gate mask = atoi(audit_flags); 1804*7c478bd9Sstevel@tonic-gate else { 1805*7c478bd9Sstevel@tonic-gate str2mask(audit_flags, &pmask); 1806*7c478bd9Sstevel@tonic-gate mask = pmask.am_success | pmask.am_failure; 1807*7c478bd9Sstevel@tonic-gate } 1808*7c478bd9Sstevel@tonic-gate 1809*7c478bd9Sstevel@tonic-gate ec.ec_number = event; 1810*7c478bd9Sstevel@tonic-gate ec.ec_class = mask; 1811*7c478bd9Sstevel@tonic-gate eauditon(A_SETCLASS, (caddr_t)&ec, (int)sizeof (ec)); 1812*7c478bd9Sstevel@tonic-gate } 1813*7c478bd9Sstevel@tonic-gate 1814*7c478bd9Sstevel@tonic-gate /* 1815*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1816*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1817*7c478bd9Sstevel@tonic-gate */ 1818*7c478bd9Sstevel@tonic-gate 1819*7c478bd9Sstevel@tonic-gate static void 1820*7c478bd9Sstevel@tonic-gate do_setkmask(audit_flags) 1821*7c478bd9Sstevel@tonic-gate char *audit_flags; 1822*7c478bd9Sstevel@tonic-gate { 1823*7c478bd9Sstevel@tonic-gate au_mask_t pmask; 1824*7c478bd9Sstevel@tonic-gate 1825*7c478bd9Sstevel@tonic-gate str2mask(audit_flags, &pmask); 1826*7c478bd9Sstevel@tonic-gate eauditon(A_SETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 1827*7c478bd9Sstevel@tonic-gate print_mask(gettext("audit flags for non-attributable events"), &pmask); 1828*7c478bd9Sstevel@tonic-gate } 1829*7c478bd9Sstevel@tonic-gate 1830*7c478bd9Sstevel@tonic-gate /* 1831*7c478bd9Sstevel@tonic-gate * ahlt and perzone are global zone only; the other policies are valid 1832*7c478bd9Sstevel@tonic-gate * in a local zone if AUDIT_PERZONE is set. The kernel insures that 1833*7c478bd9Sstevel@tonic-gate * a local zone can't change ahlt and perzone (EINVAL). 1834*7c478bd9Sstevel@tonic-gate */ 1835*7c478bd9Sstevel@tonic-gate 1836*7c478bd9Sstevel@tonic-gate static void 1837*7c478bd9Sstevel@tonic-gate do_setpolicy(policy_str) 1838*7c478bd9Sstevel@tonic-gate char *policy_str; 1839*7c478bd9Sstevel@tonic-gate { 1840*7c478bd9Sstevel@tonic-gate uint_t policy; 1841*7c478bd9Sstevel@tonic-gate 1842*7c478bd9Sstevel@tonic-gate switch (str2policy(policy_str, &policy)) { 1843*7c478bd9Sstevel@tonic-gate case 2: 1844*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1845*7c478bd9Sstevel@tonic-gate "policy (%s) invalid in a local zone."), 1846*7c478bd9Sstevel@tonic-gate policy_str); 1847*7c478bd9Sstevel@tonic-gate break; 1848*7c478bd9Sstevel@tonic-gate default: 1849*7c478bd9Sstevel@tonic-gate exit_error(gettext( 1850*7c478bd9Sstevel@tonic-gate "Invalid policy (%s) specified."), 1851*7c478bd9Sstevel@tonic-gate policy_str); 1852*7c478bd9Sstevel@tonic-gate break; 1853*7c478bd9Sstevel@tonic-gate case 0: 1854*7c478bd9Sstevel@tonic-gate eauditon(A_SETPOLICY, (caddr_t)&policy, 0); 1855*7c478bd9Sstevel@tonic-gate break; 1856*7c478bd9Sstevel@tonic-gate } 1857*7c478bd9Sstevel@tonic-gate } 1858*7c478bd9Sstevel@tonic-gate 1859*7c478bd9Sstevel@tonic-gate /* 1860*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1861*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1862*7c478bd9Sstevel@tonic-gate */ 1863*7c478bd9Sstevel@tonic-gate 1864*7c478bd9Sstevel@tonic-gate static void 1865*7c478bd9Sstevel@tonic-gate do_setqbufsz(bufsz) 1866*7c478bd9Sstevel@tonic-gate char *bufsz; 1867*7c478bd9Sstevel@tonic-gate { 1868*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1869*7c478bd9Sstevel@tonic-gate 1870*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1871*7c478bd9Sstevel@tonic-gate qctrl.aq_bufsz = atol(bufsz); 1872*7c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 1873*7c478bd9Sstevel@tonic-gate } 1874*7c478bd9Sstevel@tonic-gate 1875*7c478bd9Sstevel@tonic-gate /* 1876*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1877*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1878*7c478bd9Sstevel@tonic-gate */ 1879*7c478bd9Sstevel@tonic-gate 1880*7c478bd9Sstevel@tonic-gate static void 1881*7c478bd9Sstevel@tonic-gate do_setqctrl(hiwater, lowater, bufsz, delay) 1882*7c478bd9Sstevel@tonic-gate char *hiwater; 1883*7c478bd9Sstevel@tonic-gate char *lowater; 1884*7c478bd9Sstevel@tonic-gate char *bufsz; 1885*7c478bd9Sstevel@tonic-gate char *delay; 1886*7c478bd9Sstevel@tonic-gate { 1887*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1888*7c478bd9Sstevel@tonic-gate 1889*7c478bd9Sstevel@tonic-gate qctrl.aq_hiwater = atol(hiwater); 1890*7c478bd9Sstevel@tonic-gate qctrl.aq_lowater = atol(lowater); 1891*7c478bd9Sstevel@tonic-gate qctrl.aq_bufsz = atol(bufsz); 1892*7c478bd9Sstevel@tonic-gate qctrl.aq_delay = atol(delay); 1893*7c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 1894*7c478bd9Sstevel@tonic-gate } 1895*7c478bd9Sstevel@tonic-gate 1896*7c478bd9Sstevel@tonic-gate /* 1897*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1898*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1899*7c478bd9Sstevel@tonic-gate */ 1900*7c478bd9Sstevel@tonic-gate 1901*7c478bd9Sstevel@tonic-gate static void 1902*7c478bd9Sstevel@tonic-gate do_setqdelay(delay) 1903*7c478bd9Sstevel@tonic-gate char *delay; 1904*7c478bd9Sstevel@tonic-gate { 1905*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1906*7c478bd9Sstevel@tonic-gate 1907*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1908*7c478bd9Sstevel@tonic-gate qctrl.aq_delay = atol(delay); 1909*7c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 1910*7c478bd9Sstevel@tonic-gate } 1911*7c478bd9Sstevel@tonic-gate 1912*7c478bd9Sstevel@tonic-gate /* 1913*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1914*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1915*7c478bd9Sstevel@tonic-gate */ 1916*7c478bd9Sstevel@tonic-gate 1917*7c478bd9Sstevel@tonic-gate static void 1918*7c478bd9Sstevel@tonic-gate do_setqhiwater(hiwater) 1919*7c478bd9Sstevel@tonic-gate char *hiwater; 1920*7c478bd9Sstevel@tonic-gate { 1921*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1922*7c478bd9Sstevel@tonic-gate 1923*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1924*7c478bd9Sstevel@tonic-gate qctrl.aq_hiwater = atol(hiwater); 1925*7c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 1926*7c478bd9Sstevel@tonic-gate } 1927*7c478bd9Sstevel@tonic-gate 1928*7c478bd9Sstevel@tonic-gate /* 1929*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1930*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1931*7c478bd9Sstevel@tonic-gate */ 1932*7c478bd9Sstevel@tonic-gate 1933*7c478bd9Sstevel@tonic-gate static void 1934*7c478bd9Sstevel@tonic-gate do_setqlowater(lowater) 1935*7c478bd9Sstevel@tonic-gate char *lowater; 1936*7c478bd9Sstevel@tonic-gate { 1937*7c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 1938*7c478bd9Sstevel@tonic-gate 1939*7c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1940*7c478bd9Sstevel@tonic-gate qctrl.aq_lowater = atol(lowater); 1941*7c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 1942*7c478bd9Sstevel@tonic-gate } 1943*7c478bd9Sstevel@tonic-gate 1944*7c478bd9Sstevel@tonic-gate /* 1945*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1946*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1947*7c478bd9Sstevel@tonic-gate */ 1948*7c478bd9Sstevel@tonic-gate 1949*7c478bd9Sstevel@tonic-gate static void 1950*7c478bd9Sstevel@tonic-gate do_settid(char *tid_str) 1951*7c478bd9Sstevel@tonic-gate { 1952*7c478bd9Sstevel@tonic-gate struct auditinfo_addr ai; 1953*7c478bd9Sstevel@tonic-gate 1954*7c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 1955*7c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 1956*7c478bd9Sstevel@tonic-gate } 1957*7c478bd9Sstevel@tonic-gate 1958*7c478bd9Sstevel@tonic-gate str2tid(tid_str, &ai.ai_termid); 1959*7c478bd9Sstevel@tonic-gate 1960*7c478bd9Sstevel@tonic-gate if (setaudit_addr(&ai, sizeof (ai))) { 1961*7c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed")); 1962*7c478bd9Sstevel@tonic-gate } 1963*7c478bd9Sstevel@tonic-gate } 1964*7c478bd9Sstevel@tonic-gate 1965*7c478bd9Sstevel@tonic-gate /* 1966*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE set: valid in all zones 1967*7c478bd9Sstevel@tonic-gate * AUDIT_PERZONE not set: valid in global zone only 1968*7c478bd9Sstevel@tonic-gate */ 1969*7c478bd9Sstevel@tonic-gate 1970*7c478bd9Sstevel@tonic-gate static void 1971*7c478bd9Sstevel@tonic-gate do_setfsize(size) 1972*7c478bd9Sstevel@tonic-gate char *size; 1973*7c478bd9Sstevel@tonic-gate { 1974*7c478bd9Sstevel@tonic-gate au_fstat_t fstat; 1975*7c478bd9Sstevel@tonic-gate 1976*7c478bd9Sstevel@tonic-gate fstat.af_filesz = atol(size); 1977*7c478bd9Sstevel@tonic-gate eauditon(A_SETFSIZE, (caddr_t)&fstat, 0); 1978*7c478bd9Sstevel@tonic-gate } 1979*7c478bd9Sstevel@tonic-gate 1980*7c478bd9Sstevel@tonic-gate static void 1981*7c478bd9Sstevel@tonic-gate eauditon(cmd, data, length) 1982*7c478bd9Sstevel@tonic-gate int cmd; 1983*7c478bd9Sstevel@tonic-gate caddr_t data; 1984*7c478bd9Sstevel@tonic-gate int length; 1985*7c478bd9Sstevel@tonic-gate { 1986*7c478bd9Sstevel@tonic-gate if (auditon(cmd, data, length) == -1) 1987*7c478bd9Sstevel@tonic-gate exit_error(gettext("auditon(2) failed.")); 1988*7c478bd9Sstevel@tonic-gate } 1989*7c478bd9Sstevel@tonic-gate 1990*7c478bd9Sstevel@tonic-gate static void 1991*7c478bd9Sstevel@tonic-gate egetauid(auid) 1992*7c478bd9Sstevel@tonic-gate au_id_t *auid; 1993*7c478bd9Sstevel@tonic-gate { 1994*7c478bd9Sstevel@tonic-gate if (getauid(auid) == -1) 1995*7c478bd9Sstevel@tonic-gate exit_error(gettext("getauid(2) failed.")); 1996*7c478bd9Sstevel@tonic-gate } 1997*7c478bd9Sstevel@tonic-gate 1998*7c478bd9Sstevel@tonic-gate static void 1999*7c478bd9Sstevel@tonic-gate egetaudit(ai, size) 2000*7c478bd9Sstevel@tonic-gate auditinfo_addr_t *ai; 2001*7c478bd9Sstevel@tonic-gate int size; 2002*7c478bd9Sstevel@tonic-gate { 2003*7c478bd9Sstevel@tonic-gate if (getaudit_addr(ai, size) == -1) 2004*7c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed.")); 2005*7c478bd9Sstevel@tonic-gate } 2006*7c478bd9Sstevel@tonic-gate 2007*7c478bd9Sstevel@tonic-gate static void 2008*7c478bd9Sstevel@tonic-gate egetkaudit(ai, size) 2009*7c478bd9Sstevel@tonic-gate auditinfo_addr_t *ai; 2010*7c478bd9Sstevel@tonic-gate int size; 2011*7c478bd9Sstevel@tonic-gate { 2012*7c478bd9Sstevel@tonic-gate if (auditon(A_GETKAUDIT, (char *)ai, size) < 0) 2013*7c478bd9Sstevel@tonic-gate exit_error(gettext("auditon: A_GETKAUDIT failed.")); 2014*7c478bd9Sstevel@tonic-gate } 2015*7c478bd9Sstevel@tonic-gate 2016*7c478bd9Sstevel@tonic-gate static void 2017*7c478bd9Sstevel@tonic-gate esetkaudit(ai, size) 2018*7c478bd9Sstevel@tonic-gate auditinfo_addr_t *ai; 2019*7c478bd9Sstevel@tonic-gate int size; 2020*7c478bd9Sstevel@tonic-gate { 2021*7c478bd9Sstevel@tonic-gate if (auditon(A_SETKAUDIT, (char *)ai, size) < 0) 2022*7c478bd9Sstevel@tonic-gate exit_error(gettext("auditon: A_SETKAUDIT failed.")); 2023*7c478bd9Sstevel@tonic-gate } 2024*7c478bd9Sstevel@tonic-gate 2025*7c478bd9Sstevel@tonic-gate static void 2026*7c478bd9Sstevel@tonic-gate egetauditflagsbin(auditflags, pmask) 2027*7c478bd9Sstevel@tonic-gate char *auditflags; 2028*7c478bd9Sstevel@tonic-gate au_mask_t *pmask; 2029*7c478bd9Sstevel@tonic-gate { 2030*7c478bd9Sstevel@tonic-gate pmask->am_success = pmask->am_failure = 0; 2031*7c478bd9Sstevel@tonic-gate 2032*7c478bd9Sstevel@tonic-gate if (strcmp(auditflags, "none") == 0) 2033*7c478bd9Sstevel@tonic-gate return; 2034*7c478bd9Sstevel@tonic-gate 2035*7c478bd9Sstevel@tonic-gate if (getauditflagsbin(auditflags, pmask) < 0) { 2036*7c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit flags (%s)"), 2037*7c478bd9Sstevel@tonic-gate auditflags); 2038*7c478bd9Sstevel@tonic-gate } 2039*7c478bd9Sstevel@tonic-gate } 2040*7c478bd9Sstevel@tonic-gate 2041*7c478bd9Sstevel@tonic-gate static au_event_ent_t * 2042*7c478bd9Sstevel@tonic-gate egetauevnum(event_number) 2043*7c478bd9Sstevel@tonic-gate au_event_t event_number; 2044*7c478bd9Sstevel@tonic-gate { 2045*7c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 2046*7c478bd9Sstevel@tonic-gate 2047*7c478bd9Sstevel@tonic-gate if ((evp = getauevnum(event_number)) == (au_event_ent_t *)NULL) 2048*7c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit event %d"), 2049*7c478bd9Sstevel@tonic-gate event_number); 2050*7c478bd9Sstevel@tonic-gate 2051*7c478bd9Sstevel@tonic-gate return (evp); 2052*7c478bd9Sstevel@tonic-gate } 2053*7c478bd9Sstevel@tonic-gate 2054*7c478bd9Sstevel@tonic-gate static au_event_ent_t * 2055*7c478bd9Sstevel@tonic-gate egetauevnam(event_name) 2056*7c478bd9Sstevel@tonic-gate char *event_name; 2057*7c478bd9Sstevel@tonic-gate { 2058*7c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 2059*7c478bd9Sstevel@tonic-gate 2060*7c478bd9Sstevel@tonic-gate if ((evp = getauevnam(event_name)) == (au_event_ent_t *)NULL) 2061*7c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit event %s"), event_name); 2062*7c478bd9Sstevel@tonic-gate 2063*7c478bd9Sstevel@tonic-gate return (evp); 2064*7c478bd9Sstevel@tonic-gate } 2065*7c478bd9Sstevel@tonic-gate 2066*7c478bd9Sstevel@tonic-gate static void 2067*7c478bd9Sstevel@tonic-gate esetauid(auid) 2068*7c478bd9Sstevel@tonic-gate au_id_t *auid; 2069*7c478bd9Sstevel@tonic-gate { 2070*7c478bd9Sstevel@tonic-gate if (setauid(auid) == -1) 2071*7c478bd9Sstevel@tonic-gate exit_error(gettext("setauid(2) failed.")); 2072*7c478bd9Sstevel@tonic-gate } 2073*7c478bd9Sstevel@tonic-gate 2074*7c478bd9Sstevel@tonic-gate static void 2075*7c478bd9Sstevel@tonic-gate esetaudit(ai, size) 2076*7c478bd9Sstevel@tonic-gate auditinfo_addr_t *ai; 2077*7c478bd9Sstevel@tonic-gate int size; 2078*7c478bd9Sstevel@tonic-gate { 2079*7c478bd9Sstevel@tonic-gate if (setaudit_addr(ai, size) == -1) 2080*7c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed.")); 2081*7c478bd9Sstevel@tonic-gate } 2082*7c478bd9Sstevel@tonic-gate 2083*7c478bd9Sstevel@tonic-gate static uid_t 2084*7c478bd9Sstevel@tonic-gate get_user_id(user) 2085*7c478bd9Sstevel@tonic-gate char *user; 2086*7c478bd9Sstevel@tonic-gate { 2087*7c478bd9Sstevel@tonic-gate struct passwd *pwd; 2088*7c478bd9Sstevel@tonic-gate uid_t uid; 2089*7c478bd9Sstevel@tonic-gate 2090*7c478bd9Sstevel@tonic-gate setpwent(); 2091*7c478bd9Sstevel@tonic-gate if (isdigit(*user)) { 2092*7c478bd9Sstevel@tonic-gate uid = atoi(user); 2093*7c478bd9Sstevel@tonic-gate if ((pwd = getpwuid(uid)) == (struct passwd *)NULL) { 2094*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid user: %s"), user); 2095*7c478bd9Sstevel@tonic-gate } 2096*7c478bd9Sstevel@tonic-gate } else { 2097*7c478bd9Sstevel@tonic-gate if ((pwd = getpwnam(user)) == (struct passwd *)NULL) { 2098*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid user: %s"), user); 2099*7c478bd9Sstevel@tonic-gate } 2100*7c478bd9Sstevel@tonic-gate } 2101*7c478bd9Sstevel@tonic-gate endpwent(); 2102*7c478bd9Sstevel@tonic-gate 2103*7c478bd9Sstevel@tonic-gate return (pwd->pw_uid); 2104*7c478bd9Sstevel@tonic-gate } 2105*7c478bd9Sstevel@tonic-gate 2106*7c478bd9Sstevel@tonic-gate /* 2107*7c478bd9Sstevel@tonic-gate * get_arg_ent() 2108*7c478bd9Sstevel@tonic-gate * Inputs: command line argument string 2109*7c478bd9Sstevel@tonic-gate * Returns ptr to policy_entry if found; null, if not found 2110*7c478bd9Sstevel@tonic-gate */ 2111*7c478bd9Sstevel@tonic-gate static struct arg_entry * 2112*7c478bd9Sstevel@tonic-gate get_arg_ent(arg_str) 2113*7c478bd9Sstevel@tonic-gate char *arg_str; 2114*7c478bd9Sstevel@tonic-gate { 2115*7c478bd9Sstevel@tonic-gate struct arg_entry key; 2116*7c478bd9Sstevel@tonic-gate 2117*7c478bd9Sstevel@tonic-gate key.arg_str = arg_str; 2118*7c478bd9Sstevel@tonic-gate 2119*7c478bd9Sstevel@tonic-gate return ((struct arg_entry *)bsearch((char *)&key, 2120*7c478bd9Sstevel@tonic-gate (char *)arg_table, ARG_TBL_SZ, sizeof (struct arg_entry), 2121*7c478bd9Sstevel@tonic-gate arg_ent_compare)); 2122*7c478bd9Sstevel@tonic-gate } 2123*7c478bd9Sstevel@tonic-gate 2124*7c478bd9Sstevel@tonic-gate /* 2125*7c478bd9Sstevel@tonic-gate * arg_ent_compare() 2126*7c478bd9Sstevel@tonic-gate * Compares two command line arguments to determine which is 2127*7c478bd9Sstevel@tonic-gate * lexicographically greater. 2128*7c478bd9Sstevel@tonic-gate * Inputs: two argument map table entry pointers 2129*7c478bd9Sstevel@tonic-gate * Returns: > 1: aep1->arg_str > aep2->arg_str 2130*7c478bd9Sstevel@tonic-gate * < 1: aep1->arg_str < aep2->arg_str 2131*7c478bd9Sstevel@tonic-gate * 0: aep1->arg_str = aep->arg_str2 2132*7c478bd9Sstevel@tonic-gate */ 2133*7c478bd9Sstevel@tonic-gate static int 2134*7c478bd9Sstevel@tonic-gate arg_ent_compare(aep1, aep2) 2135*7c478bd9Sstevel@tonic-gate struct arg_entry *aep1, *aep2; 2136*7c478bd9Sstevel@tonic-gate { 2137*7c478bd9Sstevel@tonic-gate return (strcmp(aep1->arg_str, aep2->arg_str)); 2138*7c478bd9Sstevel@tonic-gate } 2139*7c478bd9Sstevel@tonic-gate 2140*7c478bd9Sstevel@tonic-gate /* 2141*7c478bd9Sstevel@tonic-gate * Convert mask of the following forms: 2142*7c478bd9Sstevel@tonic-gate * 2143*7c478bd9Sstevel@tonic-gate * audit_flags (ie. +lo,-ad,pc) 2144*7c478bd9Sstevel@tonic-gate * 0xffffffff,0xffffffff 2145*7c478bd9Sstevel@tonic-gate * ffffffff,ffffffff 2146*7c478bd9Sstevel@tonic-gate * 20,20 2147*7c478bd9Sstevel@tonic-gate */ 2148*7c478bd9Sstevel@tonic-gate static void 2149*7c478bd9Sstevel@tonic-gate str2mask(mask_str, mp) 2150*7c478bd9Sstevel@tonic-gate char *mask_str; 2151*7c478bd9Sstevel@tonic-gate au_mask_t *mp; 2152*7c478bd9Sstevel@tonic-gate { 2153*7c478bd9Sstevel@tonic-gate 2154*7c478bd9Sstevel@tonic-gate char sp[256]; 2155*7c478bd9Sstevel@tonic-gate char fp[256]; 2156*7c478bd9Sstevel@tonic-gate 2157*7c478bd9Sstevel@tonic-gate mp->am_success = 0; 2158*7c478bd9Sstevel@tonic-gate mp->am_failure = 0; 2159*7c478bd9Sstevel@tonic-gate 2160*7c478bd9Sstevel@tonic-gate /* 2161*7c478bd9Sstevel@tonic-gate * a mask of the form +aa,bb,cc,-dd 2162*7c478bd9Sstevel@tonic-gate */ 2163*7c478bd9Sstevel@tonic-gate if (strisflags(mask_str)) { 2164*7c478bd9Sstevel@tonic-gate egetauditflagsbin(mask_str, mp); 2165*7c478bd9Sstevel@tonic-gate /* 2166*7c478bd9Sstevel@tonic-gate * a mask of the form 0xffffffff,0xffffffff or 1,1 2167*7c478bd9Sstevel@tonic-gate */ 2168*7c478bd9Sstevel@tonic-gate } else { 2169*7c478bd9Sstevel@tonic-gate strsplit(mask_str, sp, fp, ','); 2170*7c478bd9Sstevel@tonic-gate 2171*7c478bd9Sstevel@tonic-gate if (strlen(sp) > (size_t)2 && !strncasecmp(sp, "0x", 2)) 2172*7c478bd9Sstevel@tonic-gate (void) sscanf(sp + 2, "%x", &mp->am_success); 2173*7c478bd9Sstevel@tonic-gate else 2174*7c478bd9Sstevel@tonic-gate (void) sscanf(sp, "%u", &mp->am_success); 2175*7c478bd9Sstevel@tonic-gate 2176*7c478bd9Sstevel@tonic-gate if (strlen(fp) > (size_t)2 && !strncasecmp(fp, "0x", 2)) 2177*7c478bd9Sstevel@tonic-gate (void) sscanf(fp + 2, "%x", &mp->am_failure); 2178*7c478bd9Sstevel@tonic-gate else 2179*7c478bd9Sstevel@tonic-gate (void) sscanf(fp, "%u", &mp->am_failure); 2180*7c478bd9Sstevel@tonic-gate } 2181*7c478bd9Sstevel@tonic-gate } 2182*7c478bd9Sstevel@tonic-gate 2183*7c478bd9Sstevel@tonic-gate /* 2184*7c478bd9Sstevel@tonic-gate * tid_str is major,minor,host -- host is a name or an ip address 2185*7c478bd9Sstevel@tonic-gate */ 2186*7c478bd9Sstevel@tonic-gate 2187*7c478bd9Sstevel@tonic-gate static void 2188*7c478bd9Sstevel@tonic-gate str2tid(char *tid_str, au_tid_addr_t *tp) 2189*7c478bd9Sstevel@tonic-gate { 2190*7c478bd9Sstevel@tonic-gate char *major_str = (char *)NULL; 2191*7c478bd9Sstevel@tonic-gate char *minor_str = (char *)NULL; 2192*7c478bd9Sstevel@tonic-gate char *host_str = (char *)NULL; 2193*7c478bd9Sstevel@tonic-gate major_t major = 0; 2194*7c478bd9Sstevel@tonic-gate major_t minor = 0; 2195*7c478bd9Sstevel@tonic-gate dev_t dev = 0; 2196*7c478bd9Sstevel@tonic-gate struct hostent *phe; 2197*7c478bd9Sstevel@tonic-gate int err; 2198*7c478bd9Sstevel@tonic-gate uint32_t ibuf; 2199*7c478bd9Sstevel@tonic-gate uint32_t ibuf6[4]; 2200*7c478bd9Sstevel@tonic-gate 2201*7c478bd9Sstevel@tonic-gate tp->at_port = 0; 2202*7c478bd9Sstevel@tonic-gate tp->at_type = 0; 2203*7c478bd9Sstevel@tonic-gate bzero(tp->at_addr, 16); 2204*7c478bd9Sstevel@tonic-gate 2205*7c478bd9Sstevel@tonic-gate major_str = tid_str; 2206*7c478bd9Sstevel@tonic-gate if ((minor_str = strchr(tid_str, ',')) != NULL) { 2207*7c478bd9Sstevel@tonic-gate *minor_str = '\0'; 2208*7c478bd9Sstevel@tonic-gate minor_str++; 2209*7c478bd9Sstevel@tonic-gate } 2210*7c478bd9Sstevel@tonic-gate 2211*7c478bd9Sstevel@tonic-gate if (minor_str) 2212*7c478bd9Sstevel@tonic-gate if ((host_str = strchr(minor_str, ',')) != NULL) { 2213*7c478bd9Sstevel@tonic-gate *host_str = '\0'; 2214*7c478bd9Sstevel@tonic-gate host_str++; 2215*7c478bd9Sstevel@tonic-gate } 2216*7c478bd9Sstevel@tonic-gate 2217*7c478bd9Sstevel@tonic-gate if (major_str) 2218*7c478bd9Sstevel@tonic-gate major = (major_t)atoi(major_str); 2219*7c478bd9Sstevel@tonic-gate 2220*7c478bd9Sstevel@tonic-gate if (minor_str) 2221*7c478bd9Sstevel@tonic-gate minor = (minor_t)atoi(minor_str); 2222*7c478bd9Sstevel@tonic-gate 2223*7c478bd9Sstevel@tonic-gate if ((dev = makedev(major, minor)) != NODEV) 2224*7c478bd9Sstevel@tonic-gate tp->at_port = dev; 2225*7c478bd9Sstevel@tonic-gate 2226*7c478bd9Sstevel@tonic-gate if (host_str) { 2227*7c478bd9Sstevel@tonic-gate if (strisipaddr(host_str)) { 2228*7c478bd9Sstevel@tonic-gate if (inet_pton(AF_INET, host_str, &ibuf)) { 2229*7c478bd9Sstevel@tonic-gate tp->at_addr[0] = ibuf; 2230*7c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv4; 2231*7c478bd9Sstevel@tonic-gate } else if (inet_pton(AF_INET6, host_str, ibuf6)) { 2232*7c478bd9Sstevel@tonic-gate tp->at_addr[0] = ibuf6[0]; 2233*7c478bd9Sstevel@tonic-gate tp->at_addr[1] = ibuf6[1]; 2234*7c478bd9Sstevel@tonic-gate tp->at_addr[2] = ibuf6[2]; 2235*7c478bd9Sstevel@tonic-gate tp->at_addr[3] = ibuf6[3]; 2236*7c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv6; 2237*7c478bd9Sstevel@tonic-gate } 2238*7c478bd9Sstevel@tonic-gate } else { 2239*7c478bd9Sstevel@tonic-gate phe = getipnodebyname((const void *)host_str, 2240*7c478bd9Sstevel@tonic-gate AF_INET, 0, &err); 2241*7c478bd9Sstevel@tonic-gate if (phe == 0) { 2242*7c478bd9Sstevel@tonic-gate phe = getipnodebyname((const void *)host_str, 2243*7c478bd9Sstevel@tonic-gate AF_INET6, 0, &err); 2244*7c478bd9Sstevel@tonic-gate } 2245*7c478bd9Sstevel@tonic-gate 2246*7c478bd9Sstevel@tonic-gate if (phe != NULL) { 2247*7c478bd9Sstevel@tonic-gate if (phe->h_addrtype == AF_INET6) { 2248*7c478bd9Sstevel@tonic-gate /* address is IPv6 (128 bits) */ 2249*7c478bd9Sstevel@tonic-gate (void) memcpy(&tp->at_addr[0], 2250*7c478bd9Sstevel@tonic-gate phe->h_addr_list[0], 16); 2251*7c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv6; 2252*7c478bd9Sstevel@tonic-gate } else { 2253*7c478bd9Sstevel@tonic-gate /* address is IPv4 (32 bits) */ 2254*7c478bd9Sstevel@tonic-gate (void) memcpy(&tp->at_addr[0], 2255*7c478bd9Sstevel@tonic-gate phe->h_addr_list[0], 4); 2256*7c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv4; 2257*7c478bd9Sstevel@tonic-gate } 2258*7c478bd9Sstevel@tonic-gate freehostent(phe); 2259*7c478bd9Sstevel@tonic-gate } 2260*7c478bd9Sstevel@tonic-gate } 2261*7c478bd9Sstevel@tonic-gate } 2262*7c478bd9Sstevel@tonic-gate } 2263*7c478bd9Sstevel@tonic-gate 2264*7c478bd9Sstevel@tonic-gate static int 2265*7c478bd9Sstevel@tonic-gate cond2str(cond, cond_str) 2266*7c478bd9Sstevel@tonic-gate uint_t cond; 2267*7c478bd9Sstevel@tonic-gate char *cond_str; 2268*7c478bd9Sstevel@tonic-gate { 2269*7c478bd9Sstevel@tonic-gate *cond_str = '\0'; 2270*7c478bd9Sstevel@tonic-gate 2271*7c478bd9Sstevel@tonic-gate if (cond == AUC_AUDITING) { 2272*7c478bd9Sstevel@tonic-gate (void) strcpy(cond_str, "auditing"); 2273*7c478bd9Sstevel@tonic-gate return (0); 2274*7c478bd9Sstevel@tonic-gate } 2275*7c478bd9Sstevel@tonic-gate 2276*7c478bd9Sstevel@tonic-gate if ((cond == AUC_NOAUDIT) || (cond == AUC_INIT_AUDIT)) { 2277*7c478bd9Sstevel@tonic-gate (void) strcpy(cond_str, "noaudit"); 2278*7c478bd9Sstevel@tonic-gate return (0); 2279*7c478bd9Sstevel@tonic-gate } 2280*7c478bd9Sstevel@tonic-gate 2281*7c478bd9Sstevel@tonic-gate if (cond == AUC_UNSET) { 2282*7c478bd9Sstevel@tonic-gate (void) strcpy(cond_str, "unset"); 2283*7c478bd9Sstevel@tonic-gate return (0); 2284*7c478bd9Sstevel@tonic-gate } 2285*7c478bd9Sstevel@tonic-gate 2286*7c478bd9Sstevel@tonic-gate if (cond == AUC_NOSPACE) { 2287*7c478bd9Sstevel@tonic-gate (void) strcpy(cond_str, "nospace"); 2288*7c478bd9Sstevel@tonic-gate return (0); 2289*7c478bd9Sstevel@tonic-gate } 2290*7c478bd9Sstevel@tonic-gate 2291*7c478bd9Sstevel@tonic-gate return (1); 2292*7c478bd9Sstevel@tonic-gate } 2293*7c478bd9Sstevel@tonic-gate 2294*7c478bd9Sstevel@tonic-gate static struct policy_entry * 2295*7c478bd9Sstevel@tonic-gate get_policy_ent(policy) 2296*7c478bd9Sstevel@tonic-gate char *policy; 2297*7c478bd9Sstevel@tonic-gate { 2298*7c478bd9Sstevel@tonic-gate int i; 2299*7c478bd9Sstevel@tonic-gate 2300*7c478bd9Sstevel@tonic-gate for (i = 0; i < POLICY_TBL_SZ; i++) 2301*7c478bd9Sstevel@tonic-gate if (strcmp(strtolower(policy), 2302*7c478bd9Sstevel@tonic-gate policy_table[i].policy_str) == 0) 2303*7c478bd9Sstevel@tonic-gate return (&policy_table[i]); 2304*7c478bd9Sstevel@tonic-gate 2305*7c478bd9Sstevel@tonic-gate return ((struct policy_entry *)NULL); 2306*7c478bd9Sstevel@tonic-gate } 2307*7c478bd9Sstevel@tonic-gate 2308*7c478bd9Sstevel@tonic-gate static int 2309*7c478bd9Sstevel@tonic-gate str2policy(char *policy_str, uint_t *policy_mask) 2310*7c478bd9Sstevel@tonic-gate { 2311*7c478bd9Sstevel@tonic-gate char *buf; 2312*7c478bd9Sstevel@tonic-gate char *tok; 2313*7c478bd9Sstevel@tonic-gate char pfix; 2314*7c478bd9Sstevel@tonic-gate boolean_t is_all = 0; 2315*7c478bd9Sstevel@tonic-gate uint_t pm = 0; 2316*7c478bd9Sstevel@tonic-gate uint_t curp = 0; 2317*7c478bd9Sstevel@tonic-gate struct policy_entry *pep; 2318*7c478bd9Sstevel@tonic-gate 2319*7c478bd9Sstevel@tonic-gate pfix = *policy_str; 2320*7c478bd9Sstevel@tonic-gate 2321*7c478bd9Sstevel@tonic-gate if (pfix == '-' || pfix == '+' || pfix == '=') 2322*7c478bd9Sstevel@tonic-gate ++policy_str; 2323*7c478bd9Sstevel@tonic-gate 2324*7c478bd9Sstevel@tonic-gate if ((buf = strdup(policy_str)) == NULL) 2325*7c478bd9Sstevel@tonic-gate return (1); 2326*7c478bd9Sstevel@tonic-gate 2327*7c478bd9Sstevel@tonic-gate for (tok = strtok(buf, ","); tok != NULL; 2328*7c478bd9Sstevel@tonic-gate tok = strtok(NULL, ",")) { 2329*7c478bd9Sstevel@tonic-gate if ((pep = get_policy_ent(tok)) == NULL) { 2330*7c478bd9Sstevel@tonic-gate return (1); 2331*7c478bd9Sstevel@tonic-gate } else { 2332*7c478bd9Sstevel@tonic-gate pm |= pep->policy_mask; 2333*7c478bd9Sstevel@tonic-gate if (pep->policy_mask == ALL_POLICIES) 2334*7c478bd9Sstevel@tonic-gate is_all = 1; 2335*7c478bd9Sstevel@tonic-gate } 2336*7c478bd9Sstevel@tonic-gate } 2337*7c478bd9Sstevel@tonic-gate 2338*7c478bd9Sstevel@tonic-gate free(buf); 2339*7c478bd9Sstevel@tonic-gate 2340*7c478bd9Sstevel@tonic-gate if (pfix == '-') { 2341*7c478bd9Sstevel@tonic-gate if (!is_all && (getzoneid() != GLOBAL_ZONEID) && 2342*7c478bd9Sstevel@tonic-gate (pm & ~AUDIT_LOCAL)) 2343*7c478bd9Sstevel@tonic-gate return (2); 2344*7c478bd9Sstevel@tonic-gate 2345*7c478bd9Sstevel@tonic-gate eauditon(A_GETPOLICY, (caddr_t)&curp, 0); 2346*7c478bd9Sstevel@tonic-gate if (getzoneid() != GLOBAL_ZONEID) 2347*7c478bd9Sstevel@tonic-gate curp &= AUDIT_LOCAL; 2348*7c478bd9Sstevel@tonic-gate *policy_mask = curp & ~pm; 2349*7c478bd9Sstevel@tonic-gate } else if (pfix == '+') { 2350*7c478bd9Sstevel@tonic-gate /* 2351*7c478bd9Sstevel@tonic-gate * if the user is in a local zone and tries ahlt or 2352*7c478bd9Sstevel@tonic-gate * perzone, that's an error. But if the user uses "all" 2353*7c478bd9Sstevel@tonic-gate * then make it work 2354*7c478bd9Sstevel@tonic-gate */ 2355*7c478bd9Sstevel@tonic-gate if (!is_all && (getzoneid() != GLOBAL_ZONEID) && 2356*7c478bd9Sstevel@tonic-gate (pm & ~AUDIT_LOCAL)) 2357*7c478bd9Sstevel@tonic-gate return (2); 2358*7c478bd9Sstevel@tonic-gate eauditon(A_GETPOLICY, (caddr_t)&curp, 0); 2359*7c478bd9Sstevel@tonic-gate if (getzoneid() != GLOBAL_ZONEID) { 2360*7c478bd9Sstevel@tonic-gate curp &= AUDIT_LOCAL; 2361*7c478bd9Sstevel@tonic-gate if (is_all) 2362*7c478bd9Sstevel@tonic-gate pm &= AUDIT_LOCAL; 2363*7c478bd9Sstevel@tonic-gate } 2364*7c478bd9Sstevel@tonic-gate *policy_mask = curp | pm; 2365*7c478bd9Sstevel@tonic-gate } else { 2366*7c478bd9Sstevel@tonic-gate if (is_all && (getzoneid() != GLOBAL_ZONEID)) 2367*7c478bd9Sstevel@tonic-gate pm &= AUDIT_LOCAL; 2368*7c478bd9Sstevel@tonic-gate 2369*7c478bd9Sstevel@tonic-gate *policy_mask = pm; 2370*7c478bd9Sstevel@tonic-gate } 2371*7c478bd9Sstevel@tonic-gate return (0); 2372*7c478bd9Sstevel@tonic-gate } 2373*7c478bd9Sstevel@tonic-gate 2374*7c478bd9Sstevel@tonic-gate static int 2375*7c478bd9Sstevel@tonic-gate policy2str(policy, policy_str, len) 2376*7c478bd9Sstevel@tonic-gate uint_t policy; 2377*7c478bd9Sstevel@tonic-gate char *policy_str; 2378*7c478bd9Sstevel@tonic-gate size_t len; 2379*7c478bd9Sstevel@tonic-gate { 2380*7c478bd9Sstevel@tonic-gate int i, j; 2381*7c478bd9Sstevel@tonic-gate 2382*7c478bd9Sstevel@tonic-gate if (policy == ALL_POLICIES) { 2383*7c478bd9Sstevel@tonic-gate (void) strcpy(policy_str, "all"); 2384*7c478bd9Sstevel@tonic-gate return (1); 2385*7c478bd9Sstevel@tonic-gate } 2386*7c478bd9Sstevel@tonic-gate 2387*7c478bd9Sstevel@tonic-gate if (policy == NO_POLICIES) { 2388*7c478bd9Sstevel@tonic-gate (void) strcpy(policy_str, "none"); 2389*7c478bd9Sstevel@tonic-gate return (1); 2390*7c478bd9Sstevel@tonic-gate } 2391*7c478bd9Sstevel@tonic-gate 2392*7c478bd9Sstevel@tonic-gate *policy_str = '\0'; 2393*7c478bd9Sstevel@tonic-gate 2394*7c478bd9Sstevel@tonic-gate for (i = 0, j = 0; i < POLICY_TBL_SZ; i++) 2395*7c478bd9Sstevel@tonic-gate if (policy & policy_table[i].policy_mask && 2396*7c478bd9Sstevel@tonic-gate policy_table[i].policy_mask != ALL_POLICIES) { 2397*7c478bd9Sstevel@tonic-gate if (j++) 2398*7c478bd9Sstevel@tonic-gate (void) strcat(policy_str, ","); 2399*7c478bd9Sstevel@tonic-gate (void) strlcat(policy_str, 2400*7c478bd9Sstevel@tonic-gate policy_table[i].policy_str, len); 2401*7c478bd9Sstevel@tonic-gate } 2402*7c478bd9Sstevel@tonic-gate 2403*7c478bd9Sstevel@tonic-gate if (*policy_str) 2404*7c478bd9Sstevel@tonic-gate return (0); 2405*7c478bd9Sstevel@tonic-gate 2406*7c478bd9Sstevel@tonic-gate return (1); 2407*7c478bd9Sstevel@tonic-gate } 2408*7c478bd9Sstevel@tonic-gate 2409*7c478bd9Sstevel@tonic-gate 2410*7c478bd9Sstevel@tonic-gate static int 2411*7c478bd9Sstevel@tonic-gate strisnum(s) 2412*7c478bd9Sstevel@tonic-gate char *s; 2413*7c478bd9Sstevel@tonic-gate { 2414*7c478bd9Sstevel@tonic-gate if (s == (char *)NULL || !*s) 2415*7c478bd9Sstevel@tonic-gate return (0); 2416*7c478bd9Sstevel@tonic-gate 2417*7c478bd9Sstevel@tonic-gate for (; *s == '-' || *s == '+'; s++) 2418*7c478bd9Sstevel@tonic-gate 2419*7c478bd9Sstevel@tonic-gate if (!*s) 2420*7c478bd9Sstevel@tonic-gate return (0); 2421*7c478bd9Sstevel@tonic-gate 2422*7c478bd9Sstevel@tonic-gate for (; *s; s++) 2423*7c478bd9Sstevel@tonic-gate if (!isdigit(*s)) 2424*7c478bd9Sstevel@tonic-gate return (0); 2425*7c478bd9Sstevel@tonic-gate 2426*7c478bd9Sstevel@tonic-gate return (1); 2427*7c478bd9Sstevel@tonic-gate } 2428*7c478bd9Sstevel@tonic-gate 2429*7c478bd9Sstevel@tonic-gate static int 2430*7c478bd9Sstevel@tonic-gate strisflags(s) 2431*7c478bd9Sstevel@tonic-gate char *s; 2432*7c478bd9Sstevel@tonic-gate { 2433*7c478bd9Sstevel@tonic-gate if (s == (char *)NULL || !*s) 2434*7c478bd9Sstevel@tonic-gate return (0); 2435*7c478bd9Sstevel@tonic-gate 2436*7c478bd9Sstevel@tonic-gate for (; *s; s++) { 2437*7c478bd9Sstevel@tonic-gate if (!isalpha(*s) && 2438*7c478bd9Sstevel@tonic-gate (*s != '+' && *s != '-' && *s != '^' && *s != ',')) 2439*7c478bd9Sstevel@tonic-gate return (0); 2440*7c478bd9Sstevel@tonic-gate } 2441*7c478bd9Sstevel@tonic-gate 2442*7c478bd9Sstevel@tonic-gate return (1); 2443*7c478bd9Sstevel@tonic-gate } 2444*7c478bd9Sstevel@tonic-gate 2445*7c478bd9Sstevel@tonic-gate static int 2446*7c478bd9Sstevel@tonic-gate strisipaddr(s) 2447*7c478bd9Sstevel@tonic-gate char *s; 2448*7c478bd9Sstevel@tonic-gate { 2449*7c478bd9Sstevel@tonic-gate int dot = 0; 2450*7c478bd9Sstevel@tonic-gate int colon = 0; 2451*7c478bd9Sstevel@tonic-gate 2452*7c478bd9Sstevel@tonic-gate /* no string */ 2453*7c478bd9Sstevel@tonic-gate if ((s == (char *)NULL) || (!*s)) 2454*7c478bd9Sstevel@tonic-gate return (0); 2455*7c478bd9Sstevel@tonic-gate 2456*7c478bd9Sstevel@tonic-gate for (; *s; s++) { 2457*7c478bd9Sstevel@tonic-gate if (!(isxdigit(*s) || *s != '.' || *s != ':')) 2458*7c478bd9Sstevel@tonic-gate return (0); 2459*7c478bd9Sstevel@tonic-gate if (*s == '.') dot++; 2460*7c478bd9Sstevel@tonic-gate if (*s == ':') colon++; 2461*7c478bd9Sstevel@tonic-gate } 2462*7c478bd9Sstevel@tonic-gate 2463*7c478bd9Sstevel@tonic-gate if (dot && colon) 2464*7c478bd9Sstevel@tonic-gate return (0); 2465*7c478bd9Sstevel@tonic-gate 2466*7c478bd9Sstevel@tonic-gate if (!dot && !colon) 2467*7c478bd9Sstevel@tonic-gate return (0); 2468*7c478bd9Sstevel@tonic-gate 2469*7c478bd9Sstevel@tonic-gate return (1); 2470*7c478bd9Sstevel@tonic-gate } 2471*7c478bd9Sstevel@tonic-gate 2472*7c478bd9Sstevel@tonic-gate static void 2473*7c478bd9Sstevel@tonic-gate strsplit(s, p1, p2, c) 2474*7c478bd9Sstevel@tonic-gate char *s; 2475*7c478bd9Sstevel@tonic-gate char *p1; 2476*7c478bd9Sstevel@tonic-gate char *p2; 2477*7c478bd9Sstevel@tonic-gate char c; 2478*7c478bd9Sstevel@tonic-gate { 2479*7c478bd9Sstevel@tonic-gate *p1 = *p2 = '\0'; 2480*7c478bd9Sstevel@tonic-gate 2481*7c478bd9Sstevel@tonic-gate while (*s != '\0' && *s != c) 2482*7c478bd9Sstevel@tonic-gate *p1++ = *s++; 2483*7c478bd9Sstevel@tonic-gate *p1 = '\0'; 2484*7c478bd9Sstevel@tonic-gate s++; 2485*7c478bd9Sstevel@tonic-gate 2486*7c478bd9Sstevel@tonic-gate while (*s != '\0') 2487*7c478bd9Sstevel@tonic-gate *p2++ = *s++; 2488*7c478bd9Sstevel@tonic-gate *p2 = '\0'; 2489*7c478bd9Sstevel@tonic-gate } 2490*7c478bd9Sstevel@tonic-gate 2491*7c478bd9Sstevel@tonic-gate static char * 2492*7c478bd9Sstevel@tonic-gate strtolower(s) 2493*7c478bd9Sstevel@tonic-gate char *s; 2494*7c478bd9Sstevel@tonic-gate { 2495*7c478bd9Sstevel@tonic-gate char *save; 2496*7c478bd9Sstevel@tonic-gate 2497*7c478bd9Sstevel@tonic-gate for (save = s; *s; s++) 2498*7c478bd9Sstevel@tonic-gate (void) tolower(*s); 2499*7c478bd9Sstevel@tonic-gate 2500*7c478bd9Sstevel@tonic-gate return (save); 2501*7c478bd9Sstevel@tonic-gate } 2502*7c478bd9Sstevel@tonic-gate 2503*7c478bd9Sstevel@tonic-gate static void 2504*7c478bd9Sstevel@tonic-gate chk_event_num(etype, event) 2505*7c478bd9Sstevel@tonic-gate int etype; 2506*7c478bd9Sstevel@tonic-gate au_event_t event; 2507*7c478bd9Sstevel@tonic-gate { 2508*7c478bd9Sstevel@tonic-gate au_stat_t as; 2509*7c478bd9Sstevel@tonic-gate 2510*7c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 2511*7c478bd9Sstevel@tonic-gate 2512*7c478bd9Sstevel@tonic-gate if (etype == AC_KERN_EVENT) { 2513*7c478bd9Sstevel@tonic-gate if (event > as.as_numevent) { 2514*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid kernel audit event number " 2515*7c478bd9Sstevel@tonic-gate "specified.\n\t%d is outside allowable range 0-%d."), 2516*7c478bd9Sstevel@tonic-gate event, as.as_numevent); 2517*7c478bd9Sstevel@tonic-gate } 2518*7c478bd9Sstevel@tonic-gate } else { /* user event */ 2519*7c478bd9Sstevel@tonic-gate if (event <= as.as_numevent) { 2520*7c478bd9Sstevel@tonic-gate exit_error(gettext( 2521*7c478bd9Sstevel@tonic-gate "Invalid user level audit event number specified %d."), 2522*7c478bd9Sstevel@tonic-gate event); 2523*7c478bd9Sstevel@tonic-gate } 2524*7c478bd9Sstevel@tonic-gate } 2525*7c478bd9Sstevel@tonic-gate } 2526*7c478bd9Sstevel@tonic-gate 2527*7c478bd9Sstevel@tonic-gate static void 2528*7c478bd9Sstevel@tonic-gate chk_event_str(etype, event_str) 2529*7c478bd9Sstevel@tonic-gate int etype; 2530*7c478bd9Sstevel@tonic-gate char *event_str; 2531*7c478bd9Sstevel@tonic-gate { 2532*7c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 2533*7c478bd9Sstevel@tonic-gate au_stat_t as; 2534*7c478bd9Sstevel@tonic-gate 2535*7c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 2536*7c478bd9Sstevel@tonic-gate 2537*7c478bd9Sstevel@tonic-gate evp = egetauevnam(event_str); 2538*7c478bd9Sstevel@tonic-gate if (etype == AC_KERN_EVENT && (evp->ae_number > as.as_numevent)) { 2539*7c478bd9Sstevel@tonic-gate exit_error( 2540*7c478bd9Sstevel@tonic-gate gettext("Invalid kernel audit event string specified.\n" 2541*7c478bd9Sstevel@tonic-gate "\t\"%s\" appears to be a user level event. " 2542*7c478bd9Sstevel@tonic-gate "Check configuration."), 2543*7c478bd9Sstevel@tonic-gate event_str); 2544*7c478bd9Sstevel@tonic-gate } else if (etype == AC_USER_EVENT && 2545*7c478bd9Sstevel@tonic-gate (evp->ae_number < as.as_numevent)) { 2546*7c478bd9Sstevel@tonic-gate exit_error( 2547*7c478bd9Sstevel@tonic-gate gettext("Invalid user audit event string specified.\n" 2548*7c478bd9Sstevel@tonic-gate "\t\"%s\" appears to be a kernel event. " 2549*7c478bd9Sstevel@tonic-gate "Check configuration."), 2550*7c478bd9Sstevel@tonic-gate event_str); 2551*7c478bd9Sstevel@tonic-gate } 2552*7c478bd9Sstevel@tonic-gate } 2553*7c478bd9Sstevel@tonic-gate 2554*7c478bd9Sstevel@tonic-gate static void 2555*7c478bd9Sstevel@tonic-gate chk_sorf(sorf_str) 2556*7c478bd9Sstevel@tonic-gate char *sorf_str; 2557*7c478bd9Sstevel@tonic-gate { 2558*7c478bd9Sstevel@tonic-gate if (!strisnum(sorf_str)) 2559*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid sorf specified: %s"), sorf_str); 2560*7c478bd9Sstevel@tonic-gate } 2561*7c478bd9Sstevel@tonic-gate 2562*7c478bd9Sstevel@tonic-gate static void 2563*7c478bd9Sstevel@tonic-gate chk_retval(retval_str) 2564*7c478bd9Sstevel@tonic-gate char *retval_str; 2565*7c478bd9Sstevel@tonic-gate { 2566*7c478bd9Sstevel@tonic-gate if (!strisnum(retval_str)) 2567*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid retval specified: %s"), retval_str); 2568*7c478bd9Sstevel@tonic-gate } 2569*7c478bd9Sstevel@tonic-gate 2570*7c478bd9Sstevel@tonic-gate static void 2571*7c478bd9Sstevel@tonic-gate chk_tid(tid_str) 2572*7c478bd9Sstevel@tonic-gate char *tid_str; 2573*7c478bd9Sstevel@tonic-gate { 2574*7c478bd9Sstevel@tonic-gate int c; 2575*7c478bd9Sstevel@tonic-gate char *p; 2576*7c478bd9Sstevel@tonic-gate 2577*7c478bd9Sstevel@tonic-gate /* need two commas (maj,min,hostname) */ 2578*7c478bd9Sstevel@tonic-gate 2579*7c478bd9Sstevel@tonic-gate 2580*7c478bd9Sstevel@tonic-gate for (p = tid_str, c = 0; *p; p++) 2581*7c478bd9Sstevel@tonic-gate if (*p == ',') 2582*7c478bd9Sstevel@tonic-gate ++c; 2583*7c478bd9Sstevel@tonic-gate if (c != 2) 2584*7c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid tid specified: %s"), tid_str); 2585*7c478bd9Sstevel@tonic-gate } 2586*7c478bd9Sstevel@tonic-gate 2587*7c478bd9Sstevel@tonic-gate static void 2588*7c478bd9Sstevel@tonic-gate execit(argv) 2589*7c478bd9Sstevel@tonic-gate char **argv; 2590*7c478bd9Sstevel@tonic-gate { 2591*7c478bd9Sstevel@tonic-gate char *shell; 2592*7c478bd9Sstevel@tonic-gate 2593*7c478bd9Sstevel@tonic-gate if (*argv) 2594*7c478bd9Sstevel@tonic-gate (void) execvp(*argv, argv); 2595*7c478bd9Sstevel@tonic-gate else { 2596*7c478bd9Sstevel@tonic-gate if (((shell = getenv("SHELL")) == (char *)NULL) || 2597*7c478bd9Sstevel@tonic-gate *shell != '/') 2598*7c478bd9Sstevel@tonic-gate shell = "/bin/csh"; 2599*7c478bd9Sstevel@tonic-gate 2600*7c478bd9Sstevel@tonic-gate (void) execlp(shell, shell, (char *)NULL); 2601*7c478bd9Sstevel@tonic-gate } 2602*7c478bd9Sstevel@tonic-gate 2603*7c478bd9Sstevel@tonic-gate exit_error(gettext("exec(2) failed")); 2604*7c478bd9Sstevel@tonic-gate } 2605*7c478bd9Sstevel@tonic-gate 2606*7c478bd9Sstevel@tonic-gate /* 2607*7c478bd9Sstevel@tonic-gate * exit_error() 2608*7c478bd9Sstevel@tonic-gate * Desc: Prints an error message along with corresponding system 2609*7c478bd9Sstevel@tonic-gate * error number and error message, then exits. 2610*7c478bd9Sstevel@tonic-gate * Inputs: Program name, program error message. 2611*7c478bd9Sstevel@tonic-gate */ 2612*7c478bd9Sstevel@tonic-gate /*PRINTFLIKE1*/ 2613*7c478bd9Sstevel@tonic-gate static void 2614*7c478bd9Sstevel@tonic-gate exit_error(char *fmt, ...) 2615*7c478bd9Sstevel@tonic-gate { 2616*7c478bd9Sstevel@tonic-gate va_list args; 2617*7c478bd9Sstevel@tonic-gate 2618*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s: ", progname); 2619*7c478bd9Sstevel@tonic-gate 2620*7c478bd9Sstevel@tonic-gate va_start(args, fmt); 2621*7c478bd9Sstevel@tonic-gate (void) vfprintf(stderr, fmt, args); 2622*7c478bd9Sstevel@tonic-gate va_end(args); 2623*7c478bd9Sstevel@tonic-gate 2624*7c478bd9Sstevel@tonic-gate (void) fputc('\n', stderr); 2625*7c478bd9Sstevel@tonic-gate if (errno) 2626*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, gettext("%s: error = %s(%d)\n"), 2627*7c478bd9Sstevel@tonic-gate progname, strerror(errno), errno); 2628*7c478bd9Sstevel@tonic-gate (void) fflush(stderr); 2629*7c478bd9Sstevel@tonic-gate 2630*7c478bd9Sstevel@tonic-gate exit(1); 2631*7c478bd9Sstevel@tonic-gate } 2632*7c478bd9Sstevel@tonic-gate 2633*7c478bd9Sstevel@tonic-gate static void 2634*7c478bd9Sstevel@tonic-gate exit_usage(status) 2635*7c478bd9Sstevel@tonic-gate int status; 2636*7c478bd9Sstevel@tonic-gate { 2637*7c478bd9Sstevel@tonic-gate FILE *fp; 2638*7c478bd9Sstevel@tonic-gate int i; 2639*7c478bd9Sstevel@tonic-gate 2640*7c478bd9Sstevel@tonic-gate fp = (status ? stderr : stdout); 2641*7c478bd9Sstevel@tonic-gate (void) fprintf(fp, gettext("usage: %s option ...\n"), progname); 2642*7c478bd9Sstevel@tonic-gate 2643*7c478bd9Sstevel@tonic-gate for (i = 0; i < ARG2_TBL_SZ; i++) 2644*7c478bd9Sstevel@tonic-gate (void) fprintf(fp, " %s %s\n", 2645*7c478bd9Sstevel@tonic-gate arg2_table[i].arg_str, arg2_table[i].arg_opts); 2646*7c478bd9Sstevel@tonic-gate 2647*7c478bd9Sstevel@tonic-gate exit(status); 2648*7c478bd9Sstevel@tonic-gate } 2649*7c478bd9Sstevel@tonic-gate 2650*7c478bd9Sstevel@tonic-gate static void 2651*7c478bd9Sstevel@tonic-gate print_asid(asid) 2652*7c478bd9Sstevel@tonic-gate au_asid_t asid; 2653*7c478bd9Sstevel@tonic-gate { 2654*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit session id = %u\n"), asid); 2655*7c478bd9Sstevel@tonic-gate } 2656*7c478bd9Sstevel@tonic-gate 2657*7c478bd9Sstevel@tonic-gate static void 2658*7c478bd9Sstevel@tonic-gate print_auid(auid) 2659*7c478bd9Sstevel@tonic-gate au_id_t auid; 2660*7c478bd9Sstevel@tonic-gate { 2661*7c478bd9Sstevel@tonic-gate struct passwd *pwd; 2662*7c478bd9Sstevel@tonic-gate char *username; 2663*7c478bd9Sstevel@tonic-gate 2664*7c478bd9Sstevel@tonic-gate setpwent(); 2665*7c478bd9Sstevel@tonic-gate if ((pwd = getpwuid((uid_t)auid)) != (struct passwd *)NULL) 2666*7c478bd9Sstevel@tonic-gate username = pwd->pw_name; 2667*7c478bd9Sstevel@tonic-gate else 2668*7c478bd9Sstevel@tonic-gate username = gettext("unknown"); 2669*7c478bd9Sstevel@tonic-gate endpwent(); 2670*7c478bd9Sstevel@tonic-gate 2671*7c478bd9Sstevel@tonic-gate (void) printf(gettext("audit id = %s(%d)\n"), username, auid); 2672*7c478bd9Sstevel@tonic-gate } 2673*7c478bd9Sstevel@tonic-gate 2674*7c478bd9Sstevel@tonic-gate static void 2675*7c478bd9Sstevel@tonic-gate print_mask(desc, pmp) 2676*7c478bd9Sstevel@tonic-gate char *desc; 2677*7c478bd9Sstevel@tonic-gate au_mask_t *pmp; 2678*7c478bd9Sstevel@tonic-gate { 2679*7c478bd9Sstevel@tonic-gate char auflags[512]; 2680*7c478bd9Sstevel@tonic-gate 2681*7c478bd9Sstevel@tonic-gate if (getauditflagschar(auflags, pmp, NULL) < 0) 2682*7c478bd9Sstevel@tonic-gate (void) strlcpy(auflags, gettext("unknown"), sizeof (auflags)); 2683*7c478bd9Sstevel@tonic-gate 2684*7c478bd9Sstevel@tonic-gate (void) printf("%s = %s(0x%x,0x%x)\n", 2685*7c478bd9Sstevel@tonic-gate desc, auflags, pmp->am_success, pmp->am_failure); 2686*7c478bd9Sstevel@tonic-gate } 2687*7c478bd9Sstevel@tonic-gate 2688*7c478bd9Sstevel@tonic-gate static void 2689*7c478bd9Sstevel@tonic-gate print_mask1(desc, mask1) 2690*7c478bd9Sstevel@tonic-gate char *desc; 2691*7c478bd9Sstevel@tonic-gate au_class_t mask1; 2692*7c478bd9Sstevel@tonic-gate { 2693*7c478bd9Sstevel@tonic-gate (void) printf("%s = 0x%x\n", desc, (int)mask1); 2694*7c478bd9Sstevel@tonic-gate } 2695*7c478bd9Sstevel@tonic-gate 2696*7c478bd9Sstevel@tonic-gate static void 2697*7c478bd9Sstevel@tonic-gate print_stats(s) 2698*7c478bd9Sstevel@tonic-gate au_stat_t *s; 2699*7c478bd9Sstevel@tonic-gate { 2700*7c478bd9Sstevel@tonic-gate int offset[12]; /* used to line the header up correctly */ 2701*7c478bd9Sstevel@tonic-gate char buf[512]; 2702*7c478bd9Sstevel@tonic-gate 2703*7c478bd9Sstevel@tonic-gate (void) sprintf(buf, "%4lu %n%4lu %n%4lu %n%4lu %n%4lu %n%4lu %n%4lu " 2704*7c478bd9Sstevel@tonic-gate "%n%4lu %n%4lu %n%4lu %n%4lu %n%4lu%n", 2705*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_generated, &(offset[0]), 2706*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_nonattrib, &(offset[1]), 2707*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_kernel, &(offset[2]), 2708*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_audit, &(offset[3]), 2709*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_auditctl, &(offset[4]), 2710*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_enqueue, &(offset[5]), 2711*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_written, &(offset[6]), 2712*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_wblocked, &(offset[7]), 2713*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_rblocked, &(offset[8]), 2714*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_dropped, &(offset[9]), 2715*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_totalsize / ONEK, &(offset[10]), 2716*7c478bd9Sstevel@tonic-gate (ulong_t)s->as_memused / ONEK, &(offset[11])); 2717*7c478bd9Sstevel@tonic-gate 2718*7c478bd9Sstevel@tonic-gate /* 2719*7c478bd9Sstevel@tonic-gate * TRANSLATION_NOTE 2720*7c478bd9Sstevel@tonic-gate * Print a properly aligned header. 2721*7c478bd9Sstevel@tonic-gate */ 2722*7c478bd9Sstevel@tonic-gate (void) printf("%*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s\n", 2723*7c478bd9Sstevel@tonic-gate offset[0] - 1, gettext("gen"), 2724*7c478bd9Sstevel@tonic-gate offset[1] - offset[0] -1, gettext("nona"), 2725*7c478bd9Sstevel@tonic-gate offset[2] - offset[1] -1, gettext("kern"), 2726*7c478bd9Sstevel@tonic-gate offset[3] - offset[2] -1, gettext("aud"), 2727*7c478bd9Sstevel@tonic-gate offset[4] - offset[3] -1, gettext("ctl"), 2728*7c478bd9Sstevel@tonic-gate offset[5] - offset[4] -1, gettext("enq"), 2729*7c478bd9Sstevel@tonic-gate offset[6] - offset[5] -1, gettext("wrtn"), 2730*7c478bd9Sstevel@tonic-gate offset[7] - offset[6] -1, gettext("wblk"), 2731*7c478bd9Sstevel@tonic-gate offset[8] - offset[7] -1, gettext("rblk"), 2732*7c478bd9Sstevel@tonic-gate offset[9] - offset[8] -1, gettext("drop"), 2733*7c478bd9Sstevel@tonic-gate offset[10] - offset[9] -1, gettext("tot"), 2734*7c478bd9Sstevel@tonic-gate offset[11] - offset[10], gettext("mem")); 2735*7c478bd9Sstevel@tonic-gate 2736*7c478bd9Sstevel@tonic-gate (void) puts(buf); 2737*7c478bd9Sstevel@tonic-gate } 2738*7c478bd9Sstevel@tonic-gate 2739*7c478bd9Sstevel@tonic-gate static void 2740*7c478bd9Sstevel@tonic-gate print_tid_ex(tidp) 2741*7c478bd9Sstevel@tonic-gate au_tid_addr_t *tidp; 2742*7c478bd9Sstevel@tonic-gate { 2743*7c478bd9Sstevel@tonic-gate struct hostent *phe; 2744*7c478bd9Sstevel@tonic-gate char *hostname; 2745*7c478bd9Sstevel@tonic-gate struct in_addr ia; 2746*7c478bd9Sstevel@tonic-gate uint32_t *addr; 2747*7c478bd9Sstevel@tonic-gate int err; 2748*7c478bd9Sstevel@tonic-gate char buf[256]; 2749*7c478bd9Sstevel@tonic-gate char *bufp; 2750*7c478bd9Sstevel@tonic-gate 2751*7c478bd9Sstevel@tonic-gate 2752*7c478bd9Sstevel@tonic-gate /* IPV6 or IPV4 address */ 2753*7c478bd9Sstevel@tonic-gate if (tidp->at_type == AU_IPv4) { 2754*7c478bd9Sstevel@tonic-gate if ((phe = gethostbyaddr((char *)&tidp->at_addr[0], 2755*7c478bd9Sstevel@tonic-gate sizeof (tidp->at_addr[0]), 2756*7c478bd9Sstevel@tonic-gate AF_INET)) != (struct hostent *)NULL) 2757*7c478bd9Sstevel@tonic-gate hostname = phe->h_name; 2758*7c478bd9Sstevel@tonic-gate else 2759*7c478bd9Sstevel@tonic-gate hostname = gettext("unknown"); 2760*7c478bd9Sstevel@tonic-gate 2761*7c478bd9Sstevel@tonic-gate ia.s_addr = tidp->at_addr[0]; 2762*7c478bd9Sstevel@tonic-gate 2763*7c478bd9Sstevel@tonic-gate (void) printf(gettext( 2764*7c478bd9Sstevel@tonic-gate "terminal id (maj,min,host) = %u,%u,%s(%s)\n"), 2765*7c478bd9Sstevel@tonic-gate major(tidp->at_port), minor(tidp->at_port), 2766*7c478bd9Sstevel@tonic-gate hostname, inet_ntoa(ia)); 2767*7c478bd9Sstevel@tonic-gate } else { 2768*7c478bd9Sstevel@tonic-gate addr = &tidp->at_addr[0]; 2769*7c478bd9Sstevel@tonic-gate phe = getipnodebyaddr((const void *)addr, 16, AF_INET6, &err); 2770*7c478bd9Sstevel@tonic-gate 2771*7c478bd9Sstevel@tonic-gate bzero(buf, sizeof (buf)); 2772*7c478bd9Sstevel@tonic-gate 2773*7c478bd9Sstevel@tonic-gate (void) inet_ntop(AF_INET6, (void *)addr, buf, 2774*7c478bd9Sstevel@tonic-gate sizeof (buf)); 2775*7c478bd9Sstevel@tonic-gate if (phe == (struct hostent *)0) { 2776*7c478bd9Sstevel@tonic-gate bufp = gettext("unknown"); 2777*7c478bd9Sstevel@tonic-gate } else 2778*7c478bd9Sstevel@tonic-gate bufp = phe->h_name; 2779*7c478bd9Sstevel@tonic-gate 2780*7c478bd9Sstevel@tonic-gate (void) printf(gettext( 2781*7c478bd9Sstevel@tonic-gate "terminal id (maj,min,host) = %u,%u,%s(%s)\n"), 2782*7c478bd9Sstevel@tonic-gate major(tidp->at_port), minor(tidp->at_port), 2783*7c478bd9Sstevel@tonic-gate bufp, buf); 2784*7c478bd9Sstevel@tonic-gate if (phe) 2785*7c478bd9Sstevel@tonic-gate freehostent(phe); 2786*7c478bd9Sstevel@tonic-gate } 2787*7c478bd9Sstevel@tonic-gate } 2788*7c478bd9Sstevel@tonic-gate 2789*7c478bd9Sstevel@tonic-gate static int 2790*7c478bd9Sstevel@tonic-gate str2ipaddr(s, addr, type) 2791*7c478bd9Sstevel@tonic-gate char *s; 2792*7c478bd9Sstevel@tonic-gate uint32_t *addr; 2793*7c478bd9Sstevel@tonic-gate uint32_t type; 2794*7c478bd9Sstevel@tonic-gate { 2795*7c478bd9Sstevel@tonic-gate int j, sl; 2796*7c478bd9Sstevel@tonic-gate char *ss; 2797*7c478bd9Sstevel@tonic-gate unsigned int v; 2798*7c478bd9Sstevel@tonic-gate 2799*7c478bd9Sstevel@tonic-gate bzero(addr, 16); 2800*7c478bd9Sstevel@tonic-gate if (strisipaddr(s)) { 2801*7c478bd9Sstevel@tonic-gate if (type == AU_IPv4) { 2802*7c478bd9Sstevel@tonic-gate if (inet_pton(AF_INET, s, addr)) 2803*7c478bd9Sstevel@tonic-gate return (0); 2804*7c478bd9Sstevel@tonic-gate return (1); 2805*7c478bd9Sstevel@tonic-gate } 2806*7c478bd9Sstevel@tonic-gate if (type == AU_IPv6) { 2807*7c478bd9Sstevel@tonic-gate if (inet_pton(AF_INET6, s, addr)) 2808*7c478bd9Sstevel@tonic-gate return (0); 2809*7c478bd9Sstevel@tonic-gate return (1); 2810*7c478bd9Sstevel@tonic-gate } 2811*7c478bd9Sstevel@tonic-gate return (1); 2812*7c478bd9Sstevel@tonic-gate } else { 2813*7c478bd9Sstevel@tonic-gate if (type == AU_IPv4) { 2814*7c478bd9Sstevel@tonic-gate (void) sscanf(s, "%x", &addr[0]); 2815*7c478bd9Sstevel@tonic-gate return (0); 2816*7c478bd9Sstevel@tonic-gate } 2817*7c478bd9Sstevel@tonic-gate if (type == AU_IPv6) { 2818*7c478bd9Sstevel@tonic-gate sl = strlen(s); 2819*7c478bd9Sstevel@tonic-gate ss = s; 2820*7c478bd9Sstevel@tonic-gate for (j = 3; j >= 0; j--) { 2821*7c478bd9Sstevel@tonic-gate if ((sl - 8) <= 0) { 2822*7c478bd9Sstevel@tonic-gate (void) sscanf(s, "%x", &v); 2823*7c478bd9Sstevel@tonic-gate addr[j] = v; 2824*7c478bd9Sstevel@tonic-gate return (0); 2825*7c478bd9Sstevel@tonic-gate } 2826*7c478bd9Sstevel@tonic-gate ss = &s[sl-8]; 2827*7c478bd9Sstevel@tonic-gate (void) sscanf(ss, "%x", &v); 2828*7c478bd9Sstevel@tonic-gate addr[j] = v; 2829*7c478bd9Sstevel@tonic-gate sl -= 8; 2830*7c478bd9Sstevel@tonic-gate *ss = '\0'; 2831*7c478bd9Sstevel@tonic-gate } 2832*7c478bd9Sstevel@tonic-gate } 2833*7c478bd9Sstevel@tonic-gate return (0); 2834*7c478bd9Sstevel@tonic-gate } 2835*7c478bd9Sstevel@tonic-gate } 2836*7c478bd9Sstevel@tonic-gate 2837*7c478bd9Sstevel@tonic-gate static int 2838*7c478bd9Sstevel@tonic-gate str2type(s, type) 2839*7c478bd9Sstevel@tonic-gate char *s; 2840*7c478bd9Sstevel@tonic-gate uint_t *type; 2841*7c478bd9Sstevel@tonic-gate { 2842*7c478bd9Sstevel@tonic-gate if (strcmp(s, "ipv6") == 0) { 2843*7c478bd9Sstevel@tonic-gate *type = AU_IPv6; 2844*7c478bd9Sstevel@tonic-gate return (0); 2845*7c478bd9Sstevel@tonic-gate } 2846*7c478bd9Sstevel@tonic-gate if (strcmp(s, "ipv4") == 0) { 2847*7c478bd9Sstevel@tonic-gate *type = AU_IPv4; 2848*7c478bd9Sstevel@tonic-gate return (0); 2849*7c478bd9Sstevel@tonic-gate } 2850*7c478bd9Sstevel@tonic-gate 2851*7c478bd9Sstevel@tonic-gate return (1); 2852*7c478bd9Sstevel@tonic-gate } 2853